An ongoing investigation of the breach has shown that intruders gained access to TJX systems almost a full-year earlier than first thought -- and compromised more payment card data than previously believed, the company said in a statement issued Wednesday.

The investigation has also confirmed that card transaction data involving TJX-owned stores in the U.K and Ireland were also affected by the intrusion. Previously, the company had only said that it was "concerned" about this possibility.

TJX is the owner of stores such as TJ Maxx, Marshalls and Bob's Stores. In January, the company announced that someone had illegally accessed one of its payment systems and made off with card data belonging to an unspecified number of customers in the U.S., Canada, Puerto Rico as well as potentially the U.K. and Ireland.

"We are dedicating substantial resources to investigating and evaluating the intrusion," TJX's new CEO Carol Meyrowitz said in the statement. IBM and General Dynamics Corp., the two companies hired by TJX to shore up security in the wake of the breach, have committed "over 50 experts" to handle the probe, she said.

TJX still hasn't disclosed the number of shoppers that may have been affected by the breach, though many analysts believe the number to be in the millions. When it first announced the breach, TJX said it believed the intrusion took place in May 2006 but wasn't discovered until December, seven months later.