The scale of a data theft from a Dutch national screening programme laboratory is far greater than initially reported, research agency Bevolkingsonderzoek Nederland said on Friday.

Hackers may have accessed the personal and medical details of all 941,000 women who have taken part in the cervical cancer screening programme since 2017, the agency said in a website statement.

The organisation first said that data from 485,000 participants had been stolen, but has now confirmed that at least 715,000 women have been affected. Because it cannot rule out that the entire database was compromised, every woman who has taken part in the programme since 2017 will receive a letter in the coming weeks.

As well as personal details, the stolen files contained medical information, some of which has already been published on the dark web.

RTL Nieuws reported that the names, home addresses and BSN numbers of a  minister and an MP were among the leaked data, along with details of the tests they underwent.

“We realise this is a very distressing message for participants in the cervical cancer screening programme,” Bevolkingsonderzoek Nederland said in a statement. “We are communicating this now because participants must be alert to phishing and fraud.”

The public prosecution service and police have launched a criminal investigation into the theft to establish who was behind the hack. Tens of thousands of women are have also signed up for mass claims in response to the breach.