Thousands of credit cards, addresses, and security codes exposed by Acer online store

Security failures at online services dont come much bigger than the issue Acer has just owned up to. In a letter to customers of its online store, the Taiwanese PC maker admits it has found unauthorized access by a third party to [information] potentially including your name, address, card number, expiration date and three-digit security codes. Thats all anyone needs to be able to make remote purchases, whether on the web or by phone, and it marks a particularly bad lapse in Acers data safeguards.

Affected customers are those who bought anything from Acers North American web store between May 12th of last year and April 28th this year, and all will be receiving the letter advising them of the security breach. Acer has told ZDNet that the total number of exposed accounts is 34,500. Login and password details havent been identified as part of the data breach, but the company isnt ruling that possibility out either. If theres any bright side to this, its in the relatively small amount of business that Acer was doing through its e-commerce portal. Things might have been much worse if one of the bigger online retailers had suffered the same gaffe.