Customers’ names, mailing addresses, e-mail addresses, phone numbers, credit card numbers, expiration dates and CVV codes may have been accessed.