Marks & Spencer had to suspend its website for two hours after customers were able to see other people’s details when they logged in to their accounts.
The firm said no one’s details were compromised by the “internal technical problem”, but apologised to customers for the inconvenience.
Customers told of their shock when they logged in to their online accounts to see other people’s orders, with some claiming they could see payment details.
The firm temporarily suspended its website on Tuesday night while it investigated the “technical difficulties”, a spokeswoman said.
She added that customers may have been able to see the last four digits of another person’s payment card “for a brief moment”, but said as details were encrypted there was no security risk.
“There were no financial details compromised at all,” she said. “We weren’t hacked by a third party. It was an internal technical problem.”
Writing on the company’s Facebook page, Wendie Mitchell claimed she had been able to see two people’s accounts when she tried to buy a pair of jeans online as a birthday present for her husband.
Another shopper said she saw other people’s information even when she logged out and in again.
Mandy Green was among a number of consumers calling for the company to provide reassurance that their accounts had not been compromised.
She wrote: “What reassurances are you offering to customers as I now feel that my details could be misused by anyone?”
A spokeswoman for the company said: “Due to a technical issue we temporarily suspended our website last night. This allowed us to thoroughly investigate and resolve the issue and quickly restore service for our customers. We apologise to customers for any inconvenience caused.”