The Vector power company has shut down its outage app after thousands of customers unwittingly had their data shared.
The information has been available due to a vulnerability on its outage app.
The app is used so customers can report and be informed about power outages.
Vector chief digital officer Nikhil Ravishankar said the information accessed includes the names, phone numbers and email addresses of customers who reported an outage through the app.
Data which could lead to the identification of their address, may have also been available.
No customers' financial or banking information was held in the app.
"We are deeply sorry for this data breach, which comes as we are working to significantly improve our customers' information experience during an outage, which was a clear problem following the April 10 storm," Mr Ravishankar said.
He said work had already commenced to overhaul the Vector Outage App and had been disabled in the interim.
Vector has notified the Privacy Commissioner of the data breach, and is taking steps to determine which customers have been affected.
"We ask our customers to be extra vigilant if they receive any unsolicited communication from anyone purporting to be from Vector. We will make contact with the 35,000 affected customers, but will not include links in our communication, or ask for any identifying information," he said.