If you found yourself in the market for a new computer or other electronic device and made a purchase through Acer’s online store in the last year, you might want to watch your credit card statement. The technology company says it was the victim of a data breach for nearly a year, exposing the credit card information of more than 34,000 customers.
Acer revealed the security breach in a letter [PDF] to the California Attorney General last week, noting that an unauthorized party had taken a year’s worth of full credit card data, names, and addresses between mid-May 2015 and late April of this year.
According to the letter, which was also sent to customers, Acer has not found evidence indicating that customers’ login credentials and passwords were affected by the breach.
A spokesperson for Acer tells PCWorld that the data was likely scooped up because the company “inadvertently stored data in an unsecured format.”
“Safeguarding your personal information is important to us,” Acer said in the notice to customers. “We took immediate steps to remediate this security issue upon identifying it, and we are being assisted by outside cybersecurity experts.”
Acer says it has reported the issue to its credit card payment processor and federal law enforcement officials.
by Ashlee Kieler via Consumerist