The company says there was "possible unauthorized access to the Web site's credit card transaction system" between mid-October and mid-November of 2013, and seven people said their credit cards were accessed after they made a purchase on the site.
It's not clear at this point how the unauthorized access occurred.
"In the 17 years we've had an online presence -- since launching our Web site in 1997 -- this is the first time we've ever been targeted by this kind of a security breach, and we're doing our all to make sure it's also the last time," Made In Oregon vice president Verne Naito said in a statement.
In response to the incident, the company says it has hired forensic technical consultants to investigate the breach and strengthen internal controls; filed reports with the FBI, Portland police and credit reporting companies; and notified all those affected by mail.
KGW.com reports that while it appears that no customers have lost money as a result of the breach, the company is offering free credit monitoring services to all those affected.