The number of consumers whose personal information was compromised by a cyberattack at Equifax has edged higher.
The credit reporting agency said Monday the security firm investigating the data breach has added 2.5 million consumers to the list of those who may have been affected.
That means there are now 145.5 million people whose Social Security numbers, names, addresses, and birthdates may have fallen into the hands of identity thieves.
Equifax, announced last month that consumer data was compromised from the middle of May through late July.
Investigators are finished
Equifax hired a cybersecurity firm called Mandiant to investigate the attack.
The new interim CEO at Equifax, Paulino do Rego Barros, Jr., says he learned Sunday that Mandiant had finished its analysis and upped the number of possibly affected consumers.
Barros says he told Mandiant to release its report "promptly." In Monday's statement Barros added: "I want to apologize again to all impacted consumers. As this important phase of our work is now completed, we continue to take numerous steps to review and enhance our cybersecurity practices."
Equifax has a feature on its website that people can use to find out if they were affected by the attack.
The company says that tool will be updated with the newly identified consumers no later than Sunday.
Ex-CEO on Capitol Hill Tuesday
The CEO who resigned from Equifax on September 25 will face a Congressional panel Tuesday to answer questions about the security breach.
Richard Smith gave the Subcommittee on Digital Commerce and Consumer Protection his opening remarks ahead of time.
"As CEO I was ultimately responsible for what happened on my watch," Smith's statement says. "Equifax was entrusted with Americans’ private data and we let them down."
Smith says "...it appears that the breach occurred because of both human error and technology failures."
His 8 a.m. hearing can be watched here.
No Representatives from Minnesota or neighboring states serve on the panel that will question him.