The breach affects customers in the US and Canada who made purchases before April 28, 2016.

If you’ve purchased an Acer device from the company’s online store within the last year, there is a good chance your credit card information was stolen.

Hackers successfully retrieved the name, address, card number, expiration date, and three-digit security codes of customers between May 12, 2015 and April 28, 2016. The Taiwan-based company sent form letters to the 34,500 affected customers all who reside in the US, Canada, and Puerto Rico.

While no social security numbers were taken, the theft is one of the few we’ve seen involving a major PC company’s online store. Acer has yet to reveal how the breach happened, but such hacks are typically a result of employees opening infected email.

The letter sent out by Acer explains that the company is working with an outside cybersecurity firm to investigate the incident. Additionally, it has cooperated with federal law enforcement and has notified the relevant payment card providers.

“If you suspect that you are a victim of identity theft or fraud, you have the right to file a police report. In addition, you may contact your State Attorney General’s office or the U.S. Federal Trade Commission to learn about steps you can take to protect yourself against identity theft,” said Mark Groveunder, Acer’s vice president of customer service.

The company urges customers to review their account statements for any abnormalities.

Source: Engadget and Digital Trends