In a statement to ZDNet, an Acer spokesperson said that it had notified 34,500 customers whose data was exposed by the breach.
Details about who may have stolen the data, though, still hasn't been publicly disclosed, and probably won't be until after the investigation is finished.
News of the hack first surfaced in a letter that was submitted to the California Attorney General.
In addition to credit card information, which includes the number, expiration data, and security code, the breach is said to have also exposed customer names and addresses.
The company stated in the letter that it had contacted federal law enforcement about the breach; the extent of the investigation at this time isn't clear.
This is the latest in a long string of data breaches and cyberattacks that leave customers or companies exposed; most recently, both a hospital and a university have been affected by ransomware attacks that required thousands of dollars in payment to remove.