Popular car service Uber said it is notifying about 50,000 drivers of an unauthorized access to a company database that contained drivers’ license numbers and names.
The “one-time unauthorized access” by an unidentified third-party occurred nearly a year ago–in May, said Uber in a blog entry by Katherine Tassi, managing general counsel of data privacy.
In addition to it statement on the breach, Uber said it filed what is known as a “John Doe” lawsuit to “gather information to help identify and prosecute this unauthorized third party.”
Uber said it realized on September 17 that its database could potentially be breached. “Upon discovery we immediately changed the access protocols for the database and began an in-depth investigation,” said Uber, adding that it changed access protocols immediately.
But the breach–unnoticed for about four months–impacted about 50,000 drivers across multiple states.
“We are notifying impacted drivers, but we have not received any reports of actual misuse of information as a result of this incident,” Uber said. Only names and driver’s license numbers were accessed.
Uber is providing a free one-year membership of identity theft protection from Experian.
Chad Hemenway is Managing Editor of Advisen News. He has more than 15 years of journalist experience at a variety of online, daily, and weekly publications. He has covered P&C insurance news since 2007, and he has experience writing about all P&C lines as well as regulation and litigation. Chad won a Jesse H. Neal Award for Best Single Article in 2014 for his coverage of the insurance implications of traumatic brain injuries and Best News Coverage in 2013 for coverage of Superstorm Sandy. Contact Chad at 212.897.4824 or [email protected].
