Hackers have breached a payments network belonging to US food retailer SuperValu.
Account numbers, expiration dates and names associated with cards used at point-of-sales terminals belonging to 180 of the company's stores between June 22 and July 17 may have been stolen.
Sam Duncan, president and chief executive of SuperValu, said: "The safety of our customers' personal information is a top priority for us.
"The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data."
The firm believes that its Save-A-Lot stores are unaffected, as well as independent grocery stores that are supplied by the company.
However 29 franchised Cub Foods stores and standalone liquor stores may have been affected during the same period.
Independent forensics experts are investigating the breach, but SuperValu are "confident" the intrusion has been contained, and that the affected stores are now safe to use.
"I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores," Duncan said.
Federal police and major payment card companies are also said to have been notified.
Customers who may have been affected by the breach are being offered year of complimentary consumer identity protection from AllClear ID.
A list of affected stores is available online.