Equifax Breach Impacted 2.5 Million More People Than Originally Stated

By Selena Larson

PHILADELPHIA (CNN) -- The massive Equifax data breach potentially affected 2.5 million more people than the company initially stated, according to findings released on Monday.

That brings the total number of people caught up in the massive hack to 145.5 million.

Equifax will alert the additional potentially affected consumers by mail. The website used to determine whether someone was impacted in the breach will be updated to include the new potential victims by October 8, the credit monitoring company said in a statement.

Auction At Simeone Auto Museum Draws Enthusiasts Of Antique Sports Cars

Equifax hired cybersecurity firm Mandiant to investigate the major breach in August - a month before it publicly disclosed that the personal information of millions of customers might have been compromised. On Monday, Equifax announced Mandiant completed its forensic investigation and revised the number of people impacted by the hack.

The new findings included only U.S. consumers, but Equifax also said personal information of 8,000 Canadian consumers was impacted, down from an initial estimate of 100,000.

Federal and state officials are probing the breach and potential executive insider trading.

Former Equifax CEO Richard Smith, who is testifying on Capitol Hill this week, says he is "very sorry" for the security breach that could put millions of people at risk for identity theft and credit fraud.

Smith is slated to appear before the House Energy and Commerce Committee on Tuesday and is expected to testify that human error and technical failures allowed hackers to access personal identifying information.

What Does Congress' Failure To Fund CHIP Mean For Philly Region?

Hackers accessed names, addresses, social security numbers, and some driver's licenses through a flaw in software known as Apache Struts. The flaw was disclosed in March, but Equifax failed to detect and fix the hole. Criminals stole the data between May and July, Equifax said.

The company is offering free credit monitoring and credit freezing for people who are concerned about their data falling into the wrong hands.

Smith retired last week. Equifax's chief information officer and chief security officer also retired last month.

Featured Local Savings

More from CBS News

Sweet summer job: Apply to be "chief ice cream officer" for American Dairy Association

Group of Philadelphia students heading to Africa to explore the global supply chain

Pocono Palace Resort in East Stroudsburg closing after nearly 50 years

New Jersey Forest Fire Service responding to wildfires in Winslow Township, N.J.