A US Internal Revenue Service investigation into an attack on its systems last May has found around 390,000 additional taxpayer accounts were potentially compromised.
The compromised accounts come on top of about 114,000 US taxpayers the agency identified as having been illegally accessed by the attackers in May of last year.
The investigation found the attackers attempted to gain access to a further 295,000 taxpayer transcripts, but were unsuccessful.
From February to May, attackers had sought to gain access to personal tax information through the agency's "Get Transcript" online application, which calls up records from previous tax returns.
The nine-month long review, which looked into incidents dating back to the launch of the "Get Transcript" application in January 2014 through May 2015, was conducted by the Treasury Inspector General for Tax Administration (TIGTA).
The "Get Transcript" web application has been offline since the incident was discovered, the agency said on Friday, adding that mailings to the affected taxpayers will start on February 29.
The IRS said it will also offer affected taxpayers free identity theft protection services as well as identity protection PINs.
"The IRS is committed to protecting taxpayers on multiple fronts against tax-related identity theft, and these mailings are part of that effort," IRS commissioner John Koskinen said.
A separate investigation by the TIGTA is still ongoing.