Catalogue-based retailer is revealed to have sent out customers' credit card details in unencrypted emails confirming orders.
Argos has been sending out unencrypted emails containing customers' full names, addresses, credit card numbers and three-digit security codes, in order to confirm orders placed on its website.
The story, as reported in computing magazine PCPro, came to light when one of its readers alerted the magazine to an email he had received, which featured his card number and security code embedded in the HTML.
The person in question has since had his credit card details stolen, although there is no evidence to link the theft to the Argos email.
Although the details do not appear in plain text in the body of the email, embedding them in the HTML would still leave customers open to online fraud, explained PCPro, as anybody monitoring network traffic could easily see the data.
The flawed emails were being sent out to customers as early as last September, however the problem was not fixed until last month. It is unknown how many customers have been affected.
A statement issued by Argos explained that it "takes the security of its customers' data extremely seriously, is fully aware of the requirements of the Data Protection Act and has taken remedial action in relation to this matter."
It added: "We are in contact with the Information Commissioner's Office. We have made them aware of our approach to customer communications and will continue to work closely with them to ensure we are taking all appropriate actions."
Figures released today revealed that total fraud losses on UK cards fell 28% between 2008 and 2009 to £440.3 million.
However, online banking losses totalled £59.7m in 2009 - a 14% increase on 2008's figure. This increase is said to be largely due to criminals using more sophisticated methods to target online banking customers.
Chair of The UK Cards Association Melanie Johnson said: "The cards industry sees fighting fraud as a key part of keeping its customers' interests centre-stage. We are committed to a wide range of measures to ensure customers feel confident, safe and secure when they use their credit and debit cards - whether in a shop, abroad, online, at a cash machine or anywhere else.
"And a fall in card fraud is good news for everyone - UK consumers, retailers and the industry. We recognise that cards will always be targeted by criminals, so we are determined not only to continue to prevent, detect and deter those who are behind this type of crime, but also to make sure that innocent victims don't lose out."