Equifax announced about 2.5 million additional people have been impacted by their security breach where hackers collected includes names, Social Security numbers, birthdays, addresses, and even driver's license numbers.
Equifax now estimates approximately 145.5 million Americans were impacted by the breach, rather than the original estimate of 143 million Americans.
"I want to apologize again to all impacted consumers," Equifax's newly appointed interim CEO Paulino do Rego Barros said in a statement.
The findings were found during an investigation by an independent cybersecurity firm to provide a comprehensive review to determine the breadth of the intrusion and what data was affected. The cybersecurity firm concluded its forensic investigation, Equifax announced Monday.
"As this important phase of our work is now completed, we continue to take numerous steps to review and enhance our cybersecurity practices. We also continue to work closely with our internal team and outside advisors to implement and accelerate long-term security improvements."
From May to July 2017, Equifax said "criminals" violated a U.S. website application vulnerability to gain access to certain files. Equifax said the hackers breached its system due to a software flaw Equifax never corrected.
Although the company discovered the hack July 29, customers were not notified until Sept. 7.
The Justice Department and the Federal Trade Commission have launched investigations into the security breach and several congressional committees have requested information from Equifax related to the breach.Former Equifax CEO Richard Smith, who stepped down last week, is scheduled to testify before the House Energy and Commerce Committee Tuesday and will still appear despite his retirement, the committee said.