In an email sent on Friday, the bookseller's managing director, Mark Newman, said a potential hack was detected two days earlier.
"On (Wednesday), Dymocks became aware that an unauthorised party may have access to some of our customer records," he told customers.
Mr Newman said an investigation to assess what had happened was launched as soon as the breach was detected.
"While our investigation is ongoing and at the early stages, our cybersecurity experts have found evidence of discussions regarding our customer records being available on the dark web," he said.
The company said it was unsure how many customers were impacted and it promised to update those affected when it had more information.
Customers were warned their email addresses, phone numbers, postal addresses, genders and dates of birth could form part of the breached data.
Membership details were also potentially leaked.
Dymocks said customers' financial information was not held by the company and was not at risk, but it apologised for the incident.
The company suggested customers keep an eye on their online accounts and consider changing passwords to boost security.
AAP has contacted Dymocks for comment.
12°C