Equifax’s Twitter account tweeted links on September 20, 2017 to a fake site pretending to be Equifax, further bungling the company’s response to a massive hack that affected 143 million customers.

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

NEW YORK (AP) — Credit report company Equifax said Monday that 2.5 million more Americans may have been affected by the massive security breach of its systems, bringing the total to 145.5 million people.

Equifax said the company it hired to investigate the breach, Mandiant, has concluded its investigation and plans to release the results “promptly.” The company also said it would update its own notification for people who want to check if they were among those affected by Oct. 8.

The information stolen included names, Social Security numbers, birth dates and addresses, the kind of information that could put people at risk for identity theft.

While Equifax previously said up to 100,000 Canadian citizens may have been affected, it said Monday that the completed review did not bear that out and it determined that the information of about 8,000 Canadian consumers was involved.

The update comes as Equifax’s former CEO, Richard Smith, who announced his retirement last month, will testify in front of Congress starting Tuesday. He’s expected to face bipartisan anger from politicians who have expressed outrage that a company tasked with securing vast amounts of personal data was unable to keep their security software up to date.

In prepared testimony, he apologized and said human error and technology failures allowed the data breach.

Equifax also faces several state and federal inquiries and class-action lawsuits.

More on the security breach, here.

40.712784 -74.005941