Hackers have stolen the personal records of around 14 million Australian and New Zealand clients of the consumer lender Latitude Financial, the company said on Monday.
Though the attack was first disclosed earlier this month, a "forensic review" discovered the number of people affected was far larger than was previously known -- the equivalent of nearly half the two countries' combined population.
"We recognise that today's announcement will be a distressing development for many of our customers and we apologise unreservedly," the company said.
It found that the details of 7.9 million Australian and New Zealand driver's licences had been stolen, as well as 53,000 passport numbers.
Another 6.1 million records dating back to at least 2005 with information such as names, addresses, telephone numbers and dates of birth were also hacked.
Australia and New Zealand's combined population is 31 million.
Latitude initially believed that only about 330,000 customers had their information stolen
"It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident. We apologise unreservedly," Latitude Financial chief executive Ahmed Fahour said.
"We continue to work around the clock to safely restore our operations. We are rectifying platforms impacted in the attack and have implemented additional security monitoring as we return to operations in the coming days."
Latitude Financial said the Australian federal police were investigating, and that it was working with cyber-security experts from the government as well as its own advisers.
The company said it would reimburse customers who decided to replace their documents. It said no suspicious activity had been detected on its systems since March 16.
(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)