A data breach discovered in February potentially exposed information on more than 4 million people, debt collection agency Financial Business and Consumer Solutions (FBCS) said in an updated regulatory filing Monday.

The Pennsylvania-based company has steadily revised its assessment of the potential impact of the breach since it first began notifying customers in April. The latest filing with Maine regulators — the fifth since April 26 — said the incident affected 4,050,711 people, more than double what was originally reported. 

“The unauthorized actor had the ability to view or acquire certain information on the FBCS network during the period of access” from February 14-26, the company said.

FBCS did not specify the nature of the intrusion into its network. 

The compromised data included names, dates of birth, Social Security numbers and driver’s license numbers, as well as “medical claims information, provider information, and clinical information (including diagnosis/conditions, medications, and other treatment information), and/or health insurance information,” FBCS said.

The company said it called in the “assistance of third-party computer forensics specialists” and hardened its systems. FBCS also is offering potential victims a year of credit monitoring.

FBCS collects consumer debt in areas such as auto finance, credit cards, utilities and healthcare.