Shoppers who applied for a credit card from Coles more than five years ago have been caught up in a large-scale hack.
Anyone who made the application before 2018 may have had their details leaked during the cyber attack on Latitude Financial, which provided credit card services to the supermarket giant until March of that year.
A Coles spokesperson said Latitude has not yet disclosed the number of impacted customers or specific details of the breach.
READ MORE: Latitude Financial insists it won't pay ransom demand by criminals behind cyber attack
"We are disappointed that this cyber incident has taken place and apologise for the inconvenience and uncertainty created," the spokesperson said.
"As a former service provider, Latitude Financial Services has informed Coles Financial Services that historical Coles Credit Card holder data has been affected by the recent cyber incident impacting their business.
"In March 2018, Coles Financial Services moved its Credit Cards to Citibank."
Impacted customers are being contacted by Latitude.
Customers concerned by the hack have been advised to visit Latitude's website for more information.
Sign up here to receive our daily newsletters and breaking news alerts, sent straight to your inbox.