St John Ambulance has been hit by a ransomware attack, the charity has revealed.
The charity said in a statement that the ransomware attack happened on 2 July at 9am, but was dealt with within 30 minutes and did not affect operational systems.
The first-aid charity said it was confident that the attack, which targeted its course booking system, had not resulted in the theft of any data.
Information targeted included the names of people attending courses, contact details, course details and invoicing details.
Everyone who attended a course carried out by the charity until February 2019 will have been affected, the charity said.
Bank card details were not stored on the system targeted or by the charity, so were unaffected by the attack.
No ransom was paid, the charity said.
A spokeswoman for St John Ambulance said: "We take the security of our data very seriously and would like to reassure everyone who has received an email from us about this recent incident that we are confident no data has been shared outside of St John Ambulance.
"Our IT teams worked hard to isolate and resolve the issue as soon as we became aware of it and no ransom was paid.
"We are undertaking a review to examine how attackers were able to gain access to block the system, and we are putting processes in place to guard against this happening again."