New York’s attorney general has opened an investigation into the data breach disclosed Thursday by the consumer-credit reporting agency Equifax, according to a person familiar with the inquiry. The intrusion may have compromised the Social Security numbers, driver’s license numbers and other personal information of 143 million Americans.

In a letter sent to Equifax on Friday, the attorney general, Eric T. Schneiderman, requested specific details about when the company learned of the breach, what caused it and whether there was evidence of identity theft, abuse of financial information or data being offered for sale illegally, the person said.

Mr. Schneiderman also asked Equifax to remove language posted online that could be interpreted to mean victims of the breach could not sue or participate in a class action, the person said.

The breach disclosed Thursday is the third major cybersecurity attack Equifax has experienced since 2015 and one of most significant threats to Americans’ personal data in recent years.

Also on Friday, Representative Ted W. Lieu, Democrat of California, sent a letter to the leaders of the House Judiciary Committee — Representative Bob Goodlatte, the Virginia Republican who lead the panel, and Representative John Conyers Jr. of Michigan, the ranking Democrat — calling for a hearing to address the breach.

In his letter, Mr. Lieu asked that representatives of Equifax, Experian and TransUnion — the nation’s three major credit-reporting agencies — be called to testify about how the latest intrusion occurred and what steps were being taken to prevent future intrusions.

“Congress has a strong role to play in preventing such attacks on our financial and IT infrastructure, and must hold those entrusted with our most sensitive data to account,” Mr. Lieu wrote in the letter.

Equifax said Thursday that hackers had entered the company’s system from mid-May to July and had gained access to certain files in the process. The company said it had discovered the intrusion on July 29 and had found no evidence since then of unauthorized activity related to its main consumer or commercial-credit reporting databases.

Within hours of the disclosure, two Oregon residents filed a potential class action suit against Equifax in Federal District Court there. In their complaint, the residents, Mary McHill and Brook Reinhard, accuse Equifax of failing to maintain proper technological safeguards “in an attempt to increase profits” and seeks “fair compensation” to cover consumers’ costs for monitoring and repairing their credit.