"Although our United Kingdom business was not breached, the attack regrettably compromised the personal information of a range of United Kingdom consumers", the company said in an emailed statement. However, the report claims a staggering 71 million people affected remain unaware of the breach.
The Equifax data breach impacted 145.5 million Americans and more than 15 million Californians Equifax is one of the nation's three major credit reporting agencies. The balance of the 14.5m records potentially compromised may contain the name and date of birth of certain United Kingdom consumers.
Michigan Attorney General Bill Schuette announced Monday that his consumer protection team has released an update to the Equifax Breach Consumer Alert providing the latest information following the announcement that an additional 2.5 million consumers were impacted by the breach.
It said the 693,665 British consumers would be notified of the post and offered help to mitigate the effects of the leak.
12,086 people have had the email address associated with their Equifax account in 2014 accessed.
And Morgan has also asked the City watchdog for information on Equifax's response and any further action the Financial Conduct Authority may be considering.
Affected customers who have had their phone numbers accessed will be offered a leading identity monitoring service for free and those who had other personal details accessed will receive Equifax Protect, an identity protection service which monitors personal data, for free.
The scandal led to the resignation last month of the company's chairman and chief executive, Richard Smith. They give you a secret personal identification number that you use to "unfreeze" the report if you apply for credit, but this seems like a small inconvenience for the peace of mind of knowing that thieves can't turn your data into a new identity.
Equifax was hacked after failing to address a known security problem. The hack has been attributed to a web server vulnerability, however its United Kingdom systems were not breached.
A patch for the vulnerability had been available since early March, but Equifax did not apply the patch and later system scans failed to identify the vulnerable Apache Struts software.