Car-hailing service Uber said Friday it was the target of a security breach last September, which affected the names and drivers-license numbers of approximately 50,000 drivers across multiple states. The company said it on September 17, 2014 it discovered that one of its databases could potentially have been accessed by a third party. Upon discovery the company immediately changed the access protocols for the database and began an investigation, which revealed that a one-time unauthorized access to an Uber database by a third party had occurred on May 13, 2014. The investigation determined the unauthorized access impacted approximately 50,000 drivers across multiple states, which is a small percentage of current and former Uber driver partners.
The files that were accessed contained the name and driver’s license number of some drivers.
Ubder added that it has not received any reports of actual misuse of any information as a result of this incident, but the company is notifying impacted drivers and recommend these individuals monitor their credit reports for fraudulent transactions or accounts.
The company will provide a free one-year membership of Experian’s ProtectMyID Alert.
Uber is the latest high-profile company to lose internal data to hackers, following breaches at Target, Sony Pictures and health insurer Anthem, among others. Uber’s case is interesting because of how long it waited to go public.
Uber also said it has filed a "John Doe" lawsuit in an attempt to find information that could help it identify who took the data.