The personal information of over 28,700 Porsche customers in Japan was accessed in cyberattacks in January and February, the luxury automaker’s Japanese unit said Monday.

Porsche Japan announced that it detected multiple attacks targeting a contractor’s data servers between Jan. 23 and Feb. 11, resulting in the email addresses of 23,151 customers being stolen. The customers had requested catalogs from its website between 2000 and 2009. In addition, 5,568 email addresses of people who signed up for a Porsche promotion campaign in July 2015 were stolen.

The company is still investigating whether other information leaked, such as customers’ names, home addresses, phone numbers, annual salaries and the number and types of cars they own.

So far there have been no reports of suspicious emails sent to the stolen addresses, the company said. Other critical information, such as credit card information, credit records or histories of purchases at Porsche Japan, was not compromised, the manufacturer said.

“We are deeply sorry for causing enormous concern and inconvenience for our customers and stakeholders,” the Porsche unit said in a statement.

The company said it cannot confirm whether data were hacked before Jan. 23, adding that the matter is under review by an external investigative firm.

The incident came to light last Wednesday after its German parent, Porsche AG, alerted the Japanese subsidiary about the possible theft of data. Porsche Japan checked the computer servers of the contractor that handles Porsche Japan’s personal data and found irregular access entries in the logs.

For inquires, call Porsche Japan’s customer service at 0120-950-290.