Top Stories
Top Stories

Uber Says Data Breach May Have Exposed Info on 50,000 Drivers

Devin Coldewey
The Uber app on a mobile phone
Getty Images

Uber announced Friday that it suffered a breach to an internal database in 2014 that exposed data on about 50,000 drivers. In a blog post, the car service company said the unauthorized access occurred on May 13, but was not discovered until Sept. 17. A subsequent investigation showed that the breach exposed the names and driver's license numbers of some 50,000 drivers, which Uber described as "a small percentage of current and former Uber driver partners." No customer data, usernames or passwords were accessed. When contacted by NBC News, Uber declined to comment on why the breach was only disclosed Friday, or whether drivers were notified earlier.

More from NBC News:
Putin critic Boris Nemtsov shot dead in Moscow
Celebrities and scientists remember Leonard Nimoy
Group sues EPA over demise of monarch butterflies

The company is providing a year of identity theft protection to those affected. To date, there have been no reports of fraudulent use of the data, Uber said. The company has also filed a "John Doe" lawsuit, which will allow it to investigate further and collect evidence on the as-yet-unknown perpetrator.

Uber has been the target of criticism over what some critics see as a cavalier attitude toward security and privacy — its infamous "God View" tool allowed employees to view customers' personal data, and a number of smaller incidents have exposed internal documents and tools. The company pledged in January to improve in this area after commissioning an audit of its privacy and data security practices.

Read More