More than 15 million British records were compromised by a hack earlier this year, Equifax has admitted.
Yesterday the credit score giant revealed 693,665 people may have had personal details - including partial credit card details, passwords and driving licence information - stolen in May's cyber-attack. A further 14.5 million records which may contain names and date of birth accessed.
The number is far greater than the firm estimated last month, when it said 400,000 UK customers may have been hit.
Equifax says it is writing to the affected 693,655 UK customers directly and will offer them an identity protection service or identity monitoring service for free. These letters will be arriving from today.
It also adds that the hack of 14.5 million records that may contain names and dates of birth does not introduce any "significant risk", and these customers won't be contacted.
Those at risk of having information accessed are not just Equifax customers, as Equifax holds data on some 44 million people in the UK.
What information was taken?
Equifax now says the numbers affected and information taken can be broken down as follows:
- 12,086 consumers: email address associated with their Equifax.co.uk account in 2014.
- 14,961 consumers: parts of their Equifax.co.uk membership details such as username, password, secret questions and answers and partial credit card details - from 2014.
- 29,188 consumers: driving licence number.
- 637,430 consumers: phone number.
What will customers be offered?
All customers who had their phone numbers accessed will be offered a leading identity monitoring service for free. An identity monitoring service usually notifies individuals of any activity related to their personal information - such as credit applications and website updates - that could be signs of identity theft.
Equifax says it will offer Equifax Protect for free to the 56,000 people who have had their driving license information, Equifax Protect is an identity protection service that monitors your personal data, including your credit information, and alerts you by email or SMS message to potential signs of fraudulent activity. Equifax also says products and services from third-party organisations will also be offered at no cost to consumers.
What does Equifax say?
Patricio Remon, President for Europe at Equifax Ltd (UK), said, Once again, I would like to extend my most sincere apologies to anyone who has been concerned about or impacted by this criminal act. Let me take this opportunity to emphasise that protecting the data of our consumers and clients is always our top priority.
"It has been regrettable that we have not been able to contact consumers who may have been impacted until now, but it would not have been appropriate for us to do so until the full facts of this complex attack were known, and the full forensics investigation was completed.
"I urge anyone who receives a letter from Equifax to take advantage of the remedial services being offered to help mitigate against any risk, or to contact us should you have any questions.