The credit reference firm said it was extending the offer of free identity protection services to these people as well as those already identified – and making this available for up to two years.
A file containing 15.2m UK records dating from between 2011 and 2016 was attacked in the incident, with Equifax concluding in October that 693,665 people could be identified.
The incident has already prompted an FCA enquiry and drew the ire of Treasury Select Committee chairwoman Nicky Morgan.
Equifax initially highlighted four categories of people affected:
- consumers who had an email address associated with their equifax.co.uk account accessed;
- consumers who had portions of their equifax.co.uk membership details accessed – such as username, password, secret questions and answers and partial credit card details;
- consumers who had their driving licence number accessed and;
- consumers who had their phone number accessed.
It has now added to that list a further 167,431 UK consumers whose landline telephone numbers are already published in the public Phone Book but were accessed as part of the cyber attack.
Extend for a second year
In an update on its UK website, Equifax said it would write to these people by the end of January.
“We are offering this group the same free ID protection services as outlined in the initial consumer letters,” it said.
“So that they can further protect their personal information, the letter they receive will also provide details of how they can delist their telephone number from the Phone Book, should they wish.”
The Equifax protect service is initially available for free for one year, but consumers can request a second free year if they wish.