The personal details of firefighters is likely to be among information released on to the dark web by hackers who breached Fire Rescue Victoria's IT system.
It is believed the cyber criminals who attacked the emergency rescue agency's IT system late last year accessed the personal information of staff.
Also at risk are contractors who worked with the department, other emergency service workers from linked agencies, including Metropolitan Fire and Emergency Services Board, and secondees and job applicants.
The agency reassured its staff this month the data had not been posted online, but on Wednesday confirmed the information had been posted on the dark web.
"It is a complex task to analyse the data that has been shared on the dark web and we have cyber security specialists assisting with this analysis," Fire Rescue Victoria said.
"As we identify what information may have been released, we will provide further information."
People impacted have been urged to take steps to protect their information and Fire Rescue Victoria said it would provide identity-monitoring support from IDCARE and credit-monitoring support from Equifax.
The agency will also attempt to contact people affected by the breach.
"We strongly urge the media and anyone else from downloading sensitive or personal FRV data from the dark web and to refrain from contacting our employees directly," the agency said
"Throughout this incident, community safety has not been compromised and FRV continues to turn out crews and fire trucks through mobile phones, pagers, and radios.
"The community should continue to call Triple Zero (000) in an emergency."
The Office of the Australian Information Commissioner has been notified of the data breach.