Thousands of Uber drivers’ names and driver’s license numbers may be in the hands of an unauthorized third party due to a data breach that occurred last year, the ridesharing company announced Friday.
In a statement, Uber’s managing counsel of data privacy, Katherine Tassi, said the company discovered on Sept. 17, 2014 that one of its many databases could have potentially been accessed because one of the keys required to unlock it had been compromised. Upon further investigation, it found the database had been accessed once by an unauthorized third party on May 13, 2014.
The company could not say how the security vulnerability was first discovered, because the matter is currently under investigation.
According to Tassi, the company immediately patched the security vulnerability. It has not received any reports of misuse of the data.
The database contained only the names and driver’s license numbers of approximately 50,000 former and current Uber drivers.