"Security is of the utmost importance for Xero and like other online businesses we are constantly vigilant about protecting information on our platform," Xero spokeswoman Kate McLaughlin says.
"Xero's partnership with Capital One in the US enables Xero customers to access their Capital One financial data through a secure integration with Capital One's API [application programming interface].
"The Capital One issue does not affect Xero, our systems, the API or data that we hold."
The Capital One hack immediately raised fresh doubts about the safety of story data in the cloud.
But although the US bank's stolen data was hosted Amazon's AWS cloud platform, initial indications are that the hacker (alleged to be 33-year-old software engineer Paige Thompson) exploited a firewall vulnerability on Capital One's own network.
Capital One, the Virginia-based bank with a popular credit card business, announced Monday that a hacker had accessed about 100 million credit card applications, and investigators say thousands of Social Security and bank account numbers were also taken.
The FBI has arrested Thompson, who's on a charge of computer fraud and abuse, according to court records.
The hack appears to be one of the largest data breaches ever to hit a financial services firm.
In announcing the data breach, Capital One emphasised that no credit card numbers or log-in credentials were compromised, nor was the vast majority of Social Security numbers on the affected applications.
Capital One was alerted to a problem on July 17 after a person in an online discussion group had claimed to have taken large amounts of the company's data, according to the complaint.
Retail giant Amazon told The New York Times that its cloud had stored the stolen Capital One data.
But the bank said that "this type of vulnerability is not specific to the cloud," adding that it was able to quickly diagnose and fix the issue because of its "cloud operating model."
