The Equifax hack has affected 693,665 consumers in UK , 145.5 million in the U.S. and 8,000 in Canada.
In yet another startling revelation, Equifax Inc said, 15.2 million records of its clients in Britain were compromised in the cyber attack that it suffered last month; this includes sensitive information affecting nearly 700,000 consumers.
The U.S. credit rating agency said 14.5 million of the records breached, which dated from 2011 to 2016, did not contain information that put British consumers at risk.
However, nearly 145.5 million clients, mostly located in the United States, had their private information compromised, including birth dates, social security numbers and addresses.
In its report, the Wall Street Journal said, the driving license numbers of nearly 10.9 million Americans have also been compromised.
Equifax said it will now notify 693,665 of its UK clients by post and offer them several of its own, and third-party risk-mitigation products for free, to help minimize the risk of potential criminal activity.
Given the numbers and the enormity of the hack, Equifax has come under severe criticism from regulators, lawmakers and consumers over the handling of the breach, which occurred between mid-May and late July this year and was disclosed only after September 6.
Heads have rolled, including that of its CEO, chief information officer and chief security officer.
“Once again, I would like to extend my most sincere apologies to anyone who has been concerned about or impacted by this criminal act,” said Patricio Remon, Equifax’s president for Europe.
“Let me take this opportunity to emphasize that protecting the data of our consumers and clients is always our top priority.”
In a U.S. congressional hearing, former CEO Richard Smith stated the company was alerted of the existence of a software vulnerability in its systems in March 2017 but it failed to fix the issue due to “both human error and technology failures”.
The breach has prompted investigations by several federal and state agencies, including a criminal probe by the U.S. Department of Justice.
Equifax has revised the number of Canadians affected by the breach from its earlier figure of 100,000 to 8,000, saying the earlier estimate “was preliminary and did not materialize”.
The company plans on mailing all its affected clients with information about free credit monitoring and identity theft protection services.