A communications platform used by the Department of Defence has been hit by a ransomware attack.
Hackers targeted the ForceNet service, which is run by an external provider and used by public servants and military personnel.
The service allows for defence force members, their families and defence department staff to communicate with each other.
Government officials said no data of serving or former military personnel appeared to have been compromised or stolen.
A defence spokesman said the incident may have been a ransomware attack on an external IT service provider.
"This is not an attack on defence ICT or the the ForceNet application," the spokesman said.
"Defence is taking this matter very seriously and is working with the provider to determine the extent of the attack.
"Defence is examining the contents of the 2018 ForceNet dataset and what personal information it contains."
Assistant Defence Minister Matt Thistlethwaite said the department was being prudent by notifying all personnel despite no information being stolen.
Defence has suggested its staff change their passwords and use two-factor authentication.
"I want to stress this isn't an attack or breach on defence ICT systems," Mr Thistlethwaite told ABC Radio.
"It's on an external provider defence contracts to run one of their websites."
The attack happened earlier this month.
Cyber support has been offered to military personnel who believe they may be affected.
Defence is partnering with an identity and cyber support company called IDCARE to protect staff.
Australian Associated Press
Sign up for our newsletter to stay up to date.