American publishing and financial information firm Dow Jones has revealed it was subject to a cyberattack over a three-year timespan that resulted in “unauthorized access” of payment card and contact information for up to 3,500 individuals. The company said no direct evidence exists to suggest the data was stolen.

In a letter to its customers, Dow Jones chief executive William Lewis acknowledged the breach and said it was notifying people “out of an abundance of caution.” He also stated that the company recognized that “no company is immune to cyberattacks,” which appears to be true, given all the headlines about Target, Visa, MasterCard, Sony Pictures, Home Depot, and Ashley Madison.

The breach was reported to Dow Jones by law enforcement, and the investigation has determined that between August 2012 and July 2015, “unauthorized access” was made to the company’s systems. It’s said that the goal of the hackers was to “obtain customer contact information in order to send fraudulent solicitations.” The suspects went after names, addresses, email addresses, and phone numbers to help accomplish their goals.

Customers affected by this attack will be notified in the mail by Dow Jones.

Dow Jones is best known for being a staple in the financial industry through its Dow Jones Industrial Average, an index that assesses the overall performance of the stock market. The company is owned by News Corp and produces The Wall Street Journal, Barron’s, Dow Jones Newswires, MarketWatch, and other products.