Between May 12, 2015 and April 28, 2016, Acer's insecure customer database spilled people's personal information.

The lost data includes customer names, addresses, card numbers, and three-digit security verification codes on the backs of the cards.

Acer vice-president of customer service Mark Groveunder said: "We took immediate steps to remediate this security issue upon identifying it, and we are being assisted by outside cybersecurity experts. We have reported this issue to our credit card payment processor. We have also contacted and offered our full cooperation to federal law enforcement."

"If you suspect that you are a victim of identity theft or fraud, you have the right to file a police report," Groveunder added in the letter.

"In addition, you may contact your State Attorney General’s office or the US Federal Trade Commission to learn about steps you can take to protect yourself against identity theft."

Source: The Register