Uber concealed a hack that affected 57 million customers and drivers, the company has confirmed.
The 2016 breach was hidden by the ride-sharing firm which paid hackers $100,000 (£75,000) to delete the data.
The company’s former chief executive Travis Kalanick knew about the breach over a year ago, according to Bloomberg, which first broke the news.
The hackers found 57 million names, email addresses and mobile phone numbers, Uber said.
Within that number, 600,000 drivers had their names and license details exposed. A resource page for those affected has been set up.
Drivers have been offered free credit monitoring protection, but per Uber’s statement, affected customers will not be given the same.
‘None of this should have happened’
“While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection,” Uber’s chief executive Dara Khosrowshahi said.
“None of this should have happened, and I will not make excuses for it,” he added.
“While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”
In the wake of the news, Uber’s chief security officer Joe Sullivan has left the company.