U.K. electronics retailer Kitronik has told customers the Magecart gang managed to infiltrate the company’s payment system gaining access to some of their information.

Attackers use POS malware to steal payment card data. The malware enabled some of 2013 and 2014’s biggest breaches, including Target and Home Depot. Backoff and BlackPOS are two examples.

The Register purportedly saw one of the emails Kitronik’s customer emails saying the malware was on the company website from August until mid-September and names, email addresses, card numbers, expiry dates, CVV codes and address were exposed.

“Although we have a mechanism in place to alert us if the code on the website changes, this attack was very sophisticated and bypassed that code by making changes to the website database. The companies that take card payments on our behalf monitor trends and it was the payment gateway provider that notified us of a higher than normal amount of fraud, which triggered our investigation,” The Register quoted from the Kitronik email.

Magecart this year has cut a swath through a variety of retailers and businesses, including British Airways, Newegg, Recipe Unlimited and Ticketmaster.