Australian supermarket chain Woolworths has confirmed that millions of customers of its MyDeal subsidiary have been impacted by a major data breach.

The company said that customers’ data were exposed after a compromised user credential was used to gain unauthorised access to MyDeal’s Customer Relationship Management (CRM) system.

According to Woolworths , the breach affected around 2.2 million customers.

Data compromised includes customer names, email addresses, phone numbers, delivery addresses and dates of birth.

Of the customers affected by the breach, 1.2 million only had their email addresses exposed.

The data breach did not include records such as payment information, driver’s licence or passport details and passwords.

Online shopping site MyDeal is in the process of contacting the estimated 2.2 million customers who were in the breach.

Woolworths and MyDeal have also begun engagement with relevant regulatory authorities and government agencies over the issue.

MyDeal CEO Sean Senvirtne said: “We apologise for the considerable concern that this will cause our affected customers.

“We have acted quickly to identify and mitigate unauthorised access and have increased the monitoring of networks.

“We will continue to work with relevant authorities as we investigate the incident and we will keep our customers fully informed of any further updates impacting them.”

The news comes after Woolworths acquired around 80% of MyDeal.com.au last month.

The MyDeal.com.au data network and CRM system were operated on a separate platform from Woolworths Group.

Other Woolworths Group platforms were reported to be safe, as were the Woolworths Group customer and Everyday Rewards records.

In August this year, Woolworths Group officially launched Woolworths at Work, an online shopping platform for businesses of all sizes across Australia.

The platform enables employers to purchase fresh food, kitchen and cleaning supplies among other essential products, offering a selection of more than 20,000 items.