Equifax said on Thursday that it identified an additional 2.4 million U.S. consumers affected by last year's massive data breach, bringing the total number of people whose data was compromised to more than 147 million.
The company said in a statement that the newly identified victims had their names and partial driver's license information stolen, but that the hackers had not obtained their Social Security numbers.
The breach, which was first disclosed in September, has triggered investigations by governments around the world, lawsuits and the departure of several Equifax executives.
The U.S. Senate's Committee on Commerce, Science and Transportation plans to obtain more information on the newly identified victims, said the group's chairman, Republican John Thune.
“The company should have acted sooner to mitigate the impact on these additional affected consumers," Thune said in a statement. "Equifax needs to put consumers first and shouldn’t be trying to clean up its mess in a piecemeal fashion."
Equifax will release fourth-quarter results on Thursday afternoon, earnings that will give investors a clearer picture on how much it will cost the company to recover from the hack.
The company in November said breach-related costs totalled $87.5 million in third quarter. It issued a fourth-quarter outlook that missed Wall Street forecasts, predicting $60 million to $75 million in costs related to the incident during the period.
Equifax said on Thursday it would contact the newly identified breach victims and offer them free identity theft protection and credit monitoring services.
The company's shares were down 2 percent at $110.76 in late afternoon trade, in line with a decline in broader U.S. equity markets.
Reporting by Jim Finkle in Toronto and Aparajita Saxena in Bengaluru; Editing by Bernard Orr and Meredith Mazzilli.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.