Thousands of Australians may be affected by a data breach targeted at HR company PageUp.
Big businesses including Coles, Aldi, Telstra and NAB use the service, with news last night that there had been a security issue.
It is understood from a statement on PageUp that the site encountered 'unusual' IT activity on May 23, which may have exposed the two million users it has worldwide.
PageUp has launched an investigation, with its clients also issuing an emergency statement to staff regarding the breach.
"There has been a breach, there has been malicious code executed inside PageUp's systems and criminals may have access to an amount of documentation, we just don't know exactly what it is," Australia's Computer Emergency Response Team boss Alistair MacGibbon said.
"Any breach is bad and our job in the government is to reduce the likelihood of these events happening, but unfortunately the reality is that criminal groups are always looking at new ways to steal credentials and wreak havoc on our society."
Data that may have been breached could include personal information such as tax file numbers, addresses and bank details.