Customer data has been stolen from the Racing Post's databases following a "sophisticated, sustained and aggressive" attack by hackers on its website.
The news and betting site revealed that a wide range of information, much of it unencrypted, was taken during the security breach on Friday and Saturday.
"The information at risk from the database that was compromised will vary in the case of each customer, depending on how much information you gave us when you registered," the company said in a post on its website.
"It includes: usernames, first and last names, encrypted passwords, email and customer addresses and date of birth.
"As a consequence, customers have been advised by email that they should take the precaution of changing their password on other sites if it is the same one that they use for racingpost.com."
The Racing Post said that credit and debit card details were not taken, and highlighted that it does not hold customers' financial information used in betting services offered alongside bookmaker partners.
The firm has now promised "stringent" new measures will be put in place to prevent a recurrence of the security breach, and has removed log-in requirements on its website as a precaution.
"Security is an area we take extremely seriously and our website has not been compromised previously. As soon as we were aware of the situation we did everything in our power to halt the breach," said Racing Post editor Bruce Millington.
"We are extremely sorry that this unfortunate incident has occurred. We believe it may be part of a wider attack on a number of companies. We thank you for your patience and understanding."