Customers who accessed the site between 12 May 2015 and 28 April 2016 may have had their data compromised.
Computer maker Acer has suffered a data breach at its US e-commerce site.
The website, Acer.com, had been compromised by unknown hackers with potential access to purchasers’ names, mailing addresses and credit card data.
A letter sent by Acer to the California Attorney General’s office revealed that the hack took place over a year ago.
Customers who accessed the site between 12 May 2015 and 28 April 2016 may have had their data compromised, including names, mailing addresses, credit card numbers, expiry dates, and the three-digit security codes.
"We do not collect Social Security numbers, and we have not identified evidence indicating that password or login credentials were affected," the data breach notification letter reads, which is attributed to Acer vice president of customer service Mark Groveunder.
Acer has hired cybersecurity experts to investigate the incident and is cooperating with federal law enforcement. The company has also notified the relevant payment card providers.
Groveunder said in the letter, "If you suspect that you are a victim of identity theft or fraud, you have the right to file a police report.
"In addition, you may contact your State Attorney General’s office or the U.S. Federal Trade Commission to learn about steps you can take to protect yourself against identity theft."
The company is urging all customers to review their account statements and monitor free credit reports for any anomalies.