Uber began notifying affected drivers of the breach today and is offering a free year membership with an identity protection company. Of the 50,000 compromised names, 21,000 were based in California, prompting Uber to also notify the California attorney general, the LA Times says. Additionally, the company has filed a "John Doe" lawsuit in an effort to gather more information about the third party.

"Uber takes seriously our responsibility to safeguard personal information, and we are sorry for any inconvenience this incident may cause," Uber said.

The data breach comes one month after Uber's security protocols received a clean bill of health as part of an external privacy audit, though that was spurred by high-profile missteps with information about Uber's passengers, not its drivers. In that report, the investigating agency recommended Uber start training its workforce in security issues and it further restrict access to data among employees.

"At Uber, protecting the personal information of riders is a core responsibility and company value," CEO Travis Kalanick said at the time. "Delivering on that value means that privacy is woven into every facet of our business, from the design of new products to how we interact with riders, drivers and the public at large."