The group said in a stock exchange announcement that as part of an investigation into a cyber attack that took place earlier this year, it is contacting two groups of customers not previously notified.
This includes the holders of 77,000 payment cards whose name, billing address, email address, card payment information – including card number, expiry date and card verification value – have potentially been compromised.
A further 108,000 people’s personal details without card verification value have also been compromised.