Fast Retailing Co., Asia’s largest retailer, said hackers may have gained access to the personal information of about half a million users of its Uniqlo and GU brand e-commerce portals.

Hackers accessed at least 460,000 accounts registered on Fast Retailing’s Japanese shopping websites, the company said in a statement Monday. Users’ personal information, purchase history and parts of credit card numbers may have been accessed, the Tokyo-based retailer said. The hack occurred from April 23 to May 10, and the company is still investigating.

Consumer data security has become a growing concern for corporations as e-commerce proliferates, with an increasing number of retail and services companies reporting incidents. Last year, Cathay Pacific Airways Ltd. and Marriott International Inc. were among those reporting that hackers accessed customers’ personal information.

The incident was limited to the Japan websites and the breach was a list-based attack, Fast Retailing said. Such access can happen when customers use the same ID and password combinations on multiple websites. The company advised users to change their passwords.

Read also: It's a family affair at Uniqlo, if not quite a succession plan

Fast Retailing has been investing heavily to build up its e-commerce operation. Internet sales made up 10% of domestic sales in the first half of the company’s current fiscal year. It doesn’t disclose the total number of online users.

Shares of Fast Retailing were down less than 1% at 11:02 a.m. Tuesday in Tokyo, while the benchmark Topix index slipped 0.9%.