Hackers have broken into the databases of Monster Worldwide Inc and stole personal data, the popular global website for job hunters said.
"We recently learned our database was illegally accessed and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data," Monster said in a website statement.
The hackers did not access resumes, social security numbers or financial data, it added.
Hackers targeted Monster sites around the world except Asia Pacific and eastern Europe, said company spokeswoman Nikki Richardson, adding that Monster was working with "appropriate law enforcement agencies."
In the UK alone about 4.5 million job seekers have signed up to monster.co.uk. If the breach has affected almost all of them, this would be the biggest data theft in the UK since last year's data loss of 25 million child benefit claimants.
In the United States, where the company is based, "an investigation is in progress," she said.
Monster operates in 36 countries with millions of users, including 4.5 million in Britain.
Monster said it had taken its own "corrective steps'' and advised clients to change their password as the hackers could use email addresses to "phish" for further information.
Monster also warned users to be on the look-out for phishing e-mails built around the details surrendered to Monster.
"Monster will never send an unsolicited e-mail asking you to confirm your username and password, nor will Monster ask you to download any software tool or access agreement in order to use your Monster account," it read.
This is the second serious data breach at the company in 18 months.