Yesterday, Home Depot confirmed that its payment systems have been breached, apparently by a new variant of the same malware responsible for the headline-grabbing Target data breach last December. At risk appears to be the payment information from its nearly 2,200 US and Canadian brick and mortar stores. Home Depot believes, however, that its stores in Mexico and online transaction data from HomeDepot.com were spared from the attack. It also does not believe that debit card PINs were impacted.

The home improvement retailer reports that it is investigating transactions dating back to April 2014. It is also offering free identity protection services for 12 months to any customers who may have been affected by the breach.

For customers who need identity repair assistance as a result of the breach, Home Depot says it has “a team of dedicated fraud resolution investigators available to assist. They will do the work to recover financial losses, restore your credit, and make sure your identity is returned to its proper condition.” Customers who used a payment card at a Home Depot store from April 2014 on are eligible to receive these services, as well as a service that includes credit monitoring, identity monitoring, and an identity theft insurance policy–at no cost to the customer.

To learn more about these services and to enroll, visit https://homedepot.allclearid.com/.