TalkTalk has announced that the details of 156,959 customers and 15,656 bank account numbers were accessed in last month's cyber attack.
But the telecoms firm emphasised the "information accessed cannot on its own lead to financial loss".
The 28,000 obscured credit and debit card numbers that were taken cannot be used for financial transactions, and were "orphaned", meaning customers cannot be identified by the stolen data.
Although the decision was taken to tell all TalkTalk customers of the security breach, the company says that only 4% of its customers have any sensitive personal data at risk.
Those who have had financial information accessed have all been contacted, and the firm is in the process of getting in touch with all of its other customers who have been affected.
People are still being warned to remain aware of phone and email scams.
Four people arrested separately on suspicion of offences under the Computer Misuse Act, in connection with the cyber attack, have been released on bail.
They are a 16-year-old boy arrested in Norwich, a 20-year-old arrested in Staffordshire, a 16-year-old, from Feltham in west London, and a 15-year-old boy from Co Antrim in Northern Ireland.
A parliamentary committee will conduct an investigation into the circumstances surrounding the TalkTalk data breach and the wider implications for the security of personal information online.
The House of Commons culture, media and sport committee will start taking evidence later this month.
Committee chairman Jesse Norman said: "The recent events have highlighted serious issues relating both to existing cyber security and the response to cyber crime."
Shares in TalkTalk were up nearly 6% in early trading this morning, but they are still down by more than a quarter since details of the hack were first revealed.