Entertainment etailer Play.com has suffered a possible security breach after customers complained of receiving spam emails to addresses only used for transactions on its site.