Ashampoo, a German maker of Windows utilities and security software, warned this week that customer names and e-mail addresses were stolen and could be used in targeted malware attacks.
"Hackers gained access to one of our servers. We discovered the break-in and interrupted it instantly," Ashampoo Chief Executive Rolf Hilchner wrote in a message on the company Web site earlier this week.
Billing information, including credit card and bank account numbers, was not affected, he said, adding that German law enforcement is investigating but "unfortunately, the traces of the well-concealed hackers currently disperse abroad."
Attackers often send e-mails with malware-laden attachments to e-mail addresses found in the databases they breach, pretending to be a confirmation of an order from the company, Hilchner said.
The company did not disclose how many customers were affected.
People should be cautious about opening unsolicited or unexpected e-mails, even from companies they know, and keep antivirus software up to date, he said.
The news comes two weeks after dozens of big companies in the United States, including Citibank, Chase, Capital One, Walgreens, Target, Best Buy, and Verizon, warned customers about the potential for targeted phishing attacks in the wake of a data breach at e-mail marketing service provider Epsilon.