WASHINGTON — Hackers stole the personal information of 57 million Uber riders and drivers in 2016, and the company notified people Tuesday — nearly a year after it occurred.
In the breach, individuals were able to download files that contained personal information of 57 million Uber users, including the names and driver’s license numbers of about 600,000 drivers in the U.S.
Uber CEO Dara Khosrowshahi released a statement Tuesday in which he said he recently learned of the late 2016 hack, and was working to repair “past mistakes.”
He said immediate steps were taken to “secure the data and shut down further unauthorized access by the individuals.” Khosrowshahi added that the company assured that the downloaded data was destroyed and new security measures were put in place.
Drivers concerned they may have been impacted by the hack can learn more here; riders can learn more here.
Bloomberg first reported the breach, adding that the company paid hackers $100,000 to delete the data and keep the breach quiet. Uber’s statement Tuesday does not make mention of concealing the breach.
Khosrowshahi said he ordered an investigation to determine why it took one year for the breach to come out.
“None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” Khosrowshahi said.
The revelation Tuesday marks the latest stain on Uber’s reputation.
The San Francisco company ousted Travis Kalanick as CEO in June after an internal investigation concluded he had built a culture that allowed female workers to be sexually harassed and encouraged employees to push legal limits.
The Associated Press contributed to this report.