The beleaguered credit reference agency Equifax has now admitted that 694,000 customers in the UK had their data stolen between May and July this year.
The firm’s original estimate of its UK cyber-theft victims, made last month, was fewer, at nearly 400,000.
Equifax now says that it will contact its affected UK customers by letter to offer them help.
It admits they may be at risk of “possible criminal activity”.
Patricio Remon, Equifax’s chief European executive, said: “Once again, I would like to extend my most sincere apologies to anyone who has been concerned about or impacted by this criminal act.”
More than 14 million further UK records were stolen, but they contained only names and dates of birth.
The huge data breach was part of an attack on the firm’s worldwide customer records in which the personal details of 146 million people in the US were stolen, along with 8,000 Canadians.
The firm says that as an independent investigation into the saga has been completed, it can now help its UK customers by offering them free advice and ways to protect themselves from identity theft.
Four groups of affected UK customers have been identified:
- 637,000 whose phone numbers were stolen
- 29,000 whose driving licence numbers were stolen
- 15,000 who had some of their Equifax membership details, such as usernames and passwords, stolen
- and 12,000 whose email address was stolen.
The scandal led to the resignation last month of the company’s chairman and chief executive, Richard Smith.
The company denied in September that the stolen UK data included any addresses, passwords or financial information.
However, the firm has now revealed that data belonging to the 15,000 customers, who had their Equifax membership details accessed, did indeed include Equifax passwords, secret questions and answers, and partial credit card details.
UK customers can phone Equifax for advice on 0800 587 1584.