The amount would make the 2017 data breach one of the most expensive hackings in corporate history.

The cost estimates mainly reflect the implementation of new cybersecurity upgrades, lawsuits and free identity theft monitoring for millions of affected users. Approximately $75 million of the costs would be covered by insurance.

The breach disclosed last September was notable for the sensitivity of the personal data the hackers were able to steal. Millions of Social Security numbers, names, addresses, birthdates and credit card numbers were exposed.

Initially, Equifax said 147 million Americans -- about half of the population -- were affected by the attack. On Thursday, the company said investigations discovered that the data for another 2.4 million people were exposed.

The estimated costs were revealed in an earnings report. Equifax also made a filing with the Securities and Exchange Commission on Friday that revealed the hack was still under investigation by a series of federal and state agencies including the Federal Trade Commission, the Consumer Financial Protection Bureau and the Justice Department.

“A number of U.S. federal, state, local and foreign governmental officials and agencies, including Congressional committees…continue to investigate events related to the 2017 cybersecurity incident, igovernment it occurred, the consequences thereof and our response thereto," Equifax said in the filing.

Shares of Equifax rose nearly 5 percent in afternoon trading to $117.09. On Thursday, the company reported a profit for its fourth quarter.

Senator Elizabeth Warren, a staunch critic of Equifax’s handling of the breach, said she believed Equifax might actually make money off of the hack by selling more credit protection services.

“Their mistakes allowed the breach to happen, their response has been a failure, and they still can’t level with the public,” Warren said on Twitter.

“Enough is enough. We have to start holding the credit reporting industry accountable.”

Anadolu Agency

More about: cybersecurity