Rite Aid has admitted that its online eCommerce platform was accessed by unauthorized individual(s) from January 30, 2017, through April 11, 2017, and their customers’ names, addresses and payment card information, including credit and debit card numbers, expiration dates and security codes were compromised.

The breach affected any customers using Rite Aid’s online store and entered their payment card information during those dates.

Rite Aid is offering affected individuals 12 months of identity theft monitoring.