A significant number of UK customers have had sensitive data stolen – including usernames, passwords, and driver’s licence numbers – from credit reference agency Equifax.
The firm has confirmed that the number of customers thought to be affected has jumped from 400,000 to nearly 700,000.
It comes shortly before the General Data Protection Regulation (GDPR) comes into effect in May 2018, which significantly increases the penalties for businesses which flout data protection laws.
Equifax said that it will contact all its affected UK customers – who may be at risk of “possible criminal activity” – by letter to offer them help.
UK customers can also phone Equifax for advice on 0800 587 1584.
Patricio Remon, Equifax’s chief European executive, said: “Once again, I would like to extend my most sincere apologies to anyone who has been concerned about or impacted by this criminal act.”
Around 15 million UK customers have been affected by the breach, but for the large majority the data stolen has been limited to usernames and dates of birth.
However, Equifax has revealed that approximately 637,000 customers have had their phone number stolen and a further 29,000 who have had their driver’s license numbers exposed.
A further 15,000 usernames and passwords were leaked it, added, as well as 12,000 email addresses.
The company’s chairman and chief executive Richard Smith resigned over the breach in September.
This is the most recent event in a long line of breaches at Equifax. In May last year, the firm was subject to a lawsuit after one of its websites was attacked resulting in the theft of 430,000 customers’ personal data.
It also suffered two further breaches in April 2013 and January 2014.