CLEVELAND (WJW) – The Cleveland Museum of Art (CMA) says its subscribers may have had data compromised following a ransomware attack.

According to CMA, the ransomware hit their external email distribution provider, WordFly. CMA says all WordFly access has now been deactivated.

Here’s what information the ransomware could have gotten:

The potentially impacted data is limited to names, email addresses, and membership IDs, levels, and expiration dates where applicable. No sensitive personal information, such as credit card numbers, was involved.

CMA says they’re not aware of the data being publicly distributed or misused.