Equifax has announced more detail of the enormous data breach it first discovered in 2016.
It lead to two senior figures being replaced at the US credit report company.
The revised details of the breach now include 3 million more pieces of stolen data which includes dates of birth, social security numbers and addresses.
The figures were revealed in letters sent to U.S. Congressional committees.
Equifax revealed in the letters that a further 38,000 driver’s licenses and 3,200 passports details had also been uploaded.
Other compromised personal data included 146.6 million names, 146.6 million dates of birth, 145.5 million social security numbers, 99 million addresses and 209,000 card numbers with expiration dates.
With assistance from Mandiant, a cybersecurity firm, Equifax also believes that an additional 12,000 social security and 3,000 other government identification documents – including military IDS and residential cards – were also affected.
“The company had not previously analysed the government-issued identifications contained in the images uploaded in the dispute portal,” the letter stated.
“In response to governmental requests for additional information, the company recently analysed the dispute documents stolen in the cybersecurity incident and determined the approximate number of valid US government-issued identifications that had been uploaded to the dispute portal.”