According to a letter sent by Acer to the California Attorney General’s office, the hack happened over a year ago. Customers that accessed the site between May 12 2015 and April 28 2016 may have had their data compromised. This includes names, mailing addresses, credit card numbers, expiry dates, and even the card’s CCV security codes. Acer said that preliminary investigations indicate hackers have not stolen usernames or passwords but the company refused to divulge hackers managed to access its U.S. based web store or how many customers may have been affected. “We do not collect Social Security numbers, and we have not identified evidence indicating that password or login credentials were affected,” the data breach notification letter reads, which is attributed to Acer’s vice president of customer service Mark Groveunder. Acer said it has hired a cybersecurity firm to investigate the incident and is cooperating with federal law enforcement. It said it has also notified the relevant payment card providers. “If you suspect that you are a victim of identity theft or fraud, you have the right to file a police report. In addition, you may contact your State Attorney General’s office or the U.S. Federal Trade Commission to learn about steps you can take to protect yourself against identity theft,” said Groveunder in the letter. If you are a Acer customer and have saved your credit card details, you should review your account statements for any anomalies. If you find anything amiss, kindly contact Acer immediately.