The breach occurred in late March, affecting less than 1,300 customers and employees.
The affected server contained sensitive information including customer names, addresses, tax ID numbers, Social Security numbers and financial information.
The server was also used for storing Human Resources Department data which includes employee names, addresses, social security numbers and driver's license numbers of small number of employees.
The company claims that it does not believe the breach was an attempt to steal customer information.
The affected individuals are being offered one year free membership of credit monitoring and identity theft insurance.