There was a major data security breach at Uber last year, but the ride share company has just released the information this week.
Dara Khosrowshahi, Uber’s CEO, wrote a blog post admitting he had recently learned about the 2016 incident, which he said did not “breach out company systems or infrastructure.”
According to Khosrowshahi, hackers were able to download files containing the names and driver’s license numbers of around 600,000 drivers in the US, along with personal information of 57 million Uber users around the world. This information included names, email addresses and mobile phone numbers.
But Uber said that they don’t believe any individual rider needs to take any action, as they have seen no evidence of fraud or misuse tied to the hack.
“At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals,” he said. “We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed.”
Uber said its now notifying drivers who were affected by the breach, and will be providing them free credit monitoring and identity theft protection.
Additionally, the company released a statement on Wednesday saying the privacy of their riders and drivers is of paramount importance. “That is why we are working closely with regulatory and government authorities globally, including the Federal Privacy Commissioner’s Office here in Canada. Until we complete that process we aren’t in a position to get into more detail.”
Khosrowshahi also said that none of this should have happened.
“I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” Khosrowshahi said. “We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”