Acer recently learned that its US-based e-commerce site had been compromised and is preparing to inform customers that may be affected according to a template letter sent to the California Attorney General’s office.

The Taiwanese computer manufacturer said the breach, conducted by an unauthorized third-party, involves customers that used the e-commerce site between May 12, 2015 and April 28, 2016. Data that may have been compromised includes names, addresses, partial credit card numbers and the three-digit security code on the rear of the card.

Acer said it does not collect Social Security numbers and they haven’t found any evidence indicating login credentials were at risk.

The company said it took immediate steps to remedy the issue and is working with outside cybersecurity experts on the matter. They’ve also notified their credit card payment processor.

Acer points out that anyone who believes they are a victim of identity theft or fraud has the right to file a police report. In addition, you may also contact your State Attorney General’s office or the Federal Trade Commission to learn more about how to protect against identity theft.

As of writing, Acer hasn’t revealed any details of the attack or how it took place nor do we know how many customers may be at risk. If you think you may have done business with Acer during the timeframe, it’d be wise to keep a close eye on your account statements.