Update: Play.com has issued Eurogamer the following statement attributed to company CEO John Perkins.
"On Sunday 20 March some customers reported receiving a spam email to email addresses they only use for Play.com. We reacted immediately by informing all our customers of this potential security breach in order for them to take the necessary precautionary steps."
"We believe this issue may be related to some irregular activity that was identified in December 2010 at our email service provider, Silverpop. Investigations at the time showed no evidence that any of our customer email addresses had been downloaded. We would like to assure all our customers that the only information communicated to our email service provider was email addresses. Play.com has taken all the necessary steps with Silverpop to ensure a security breach of this nature does not happen again."
"We would also like to reassure our customers that all other personal information (i.e. credit cards, addresses, passwords, etc.) are kept in the very secure Play.com environment. Play.com has one of the most stringent internal standards of e-commerce security in the industry. This is audited and tested several times a year by leading internet security companies to ensure this high level of security is maintained. On behalf of Play.com, I would like to once again apologise to our customers for any inconvenience due to a potential increase in spam that may be caused by this issue."
Original story: Online shop Play.com has sent an "important" email to customers warning of a security breach that has "compromised" some names and email addresses.
"We are emailing all our customers to let you know that a company that handles part of our marketing communications has had a security breach. Unfortunately this has meant that some customer names and email addresses may have been compromised," the message read.
"We take privacy and security very seriously and ensure all sensitive customer data is protected. Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved. "Please be assured we have taken every step to ensure this doesn't happen again and accept our apologies for any inconvenience this may have caused some of you. "
The email asked that customers be "vigilant" when reading emails. Play.com, the message added, "will never ask you for information such as passwords, bank account details or credit card numbers" that way.
"If you receive anything suspicious in your email, please do not click on any links and forward the email on to [privacy at play dot com] for us to investigate."