Kroger Co. recently reported that it was the victim of a data breach involving a third-party vendor’s file-transfer service.

Indeed, last Friday, the Cincinnati-based grocery and pharmacy chain declared that a breach affected its services and is currently notifying customers who might have been at risk, offering them free credit monitoring.

Yet, the company believes that less than 1% of its customers were affected as well as some current and former employees, as a number of personnel records were seemingly viewed. Moreover, the breach doesn’t seem to have affected the stores’ IT systems or grocery story systems, or data.

The company also pointed out that it already suffered a hack back in December involving a file-transfer product called FTA developed by Accellion, which is used to share large amounts of data and hefty email attachments.

This is a pretty serious hack as Accellion has more than 3,000 customers worldwide, including the University of Colorado, Washington State’s auditor, the Reserve Bank of New Zealand, and U.S. law firm Jones Day. However, it was reported that the affected product was old and nearing the end of its life, as well as that all vulnerabilities had been resolved.