Personal information of up to 50,000 Uber drivers was accessed by an unauthorized party last year, the company announced Friday.
"We are notifying impacted drivers, but we have not received any reports of actual misuse of information as a result of this incident," said Katherine Tassi, Uber's managing counsel of data protection, said in a statement.
Uber's database was accessed on May 13, 2014, but the company did not find out about the breach until four months later.
The data accessed included names and driver's license numbers of up to 50,000 drivers across several states, which the company described as "a small percentage of current and former Uber driver partners."
The app-based, ride service company said protocols for the database were changed when the breach was found.
Uber did not disclose the potential identity of the "third party," but said a lawsuit was filed Friday "to gather information" that may lead to a confirmation.
Though no reports of "misuse" of the information has been reported so far, Uber stated it was providing affected drivers with one-year memberships to identity protection services.
Drivers were being notified Friday, and the California attorney general's office was also contacted.
Uber, which is based in San Francisco, was founded in 2009.