More than 30,000 SuperValu customers in the Republic of Ireland and Northern Ireland, who availed of a getaway break scheme, have been affected by a security breach.
Loyaltybuild, which manages the scheme, said it has also informed Axa that its customers have also been affected by the breach.
Axa estimates that approximately 4,000 of its customers have been affected and it is currently contacting customers.
Both companies have temporarily suspended their getaway break schemes.
The breach was discovered on 25 October and a third party firm is currently running forensic tests.
However, it will be a number of days before a final analysis is completed.
All credit card details are encrypted, but customers are advised to keep an eye on their account as a precautionary measure.
The Data Commissioner has been informed.
Loyaltybuild also has a large customer base in Sweden and Norway, which may also have been compromised.
All clients have been informed.