A cybersecurity attack has prompted a warning for supermarket customers to change their passwords and some accounts may have been accessed by outsiders.

Members of supermarket loyalty and online shopping programme New World Clubcard received an email on Friday night, telling them scammers had attempted to gain access to accounts by trying commonly used passwords.

A "recent" cybersecurity incident had affected "a number of New World Clubcard accounts", the email said.

"Our technology team has identified suspicious external activity where scammers have attempted to gain access to accounts by trying commonly used passwords across many usernames," the supermarket said.

"Based on our investigation, it appears that some New World Clubcard accounts with weaker or reused passwords may have been accessed, without the cardholder's authorisation."

Photo: Supplied

Most customers were told their account had not been affected, but the supermarket advised them to change their passwords to be safe.

In the email, New World said its own systems had not been breached and its technology team was monitoring for "any further malicious activity".

The supermarket retailer, which is owned by parent company Foodstuffs, said it was working with cybersecurity experts to ensure customers' data remained secure.

"We sincerely apologise for any inconvenience. Your privacy and security are extremely important to us, we have taken these actions to protect you, and strongly recommend you [establish] a refreshed and strong password."

Foodstuffs did not respond to RNZ's requests for comment.

This story was originally published by RNZ