Uber waited more than five months to notify drivers whose names and drivers-license numbers were taken in a computer-security breach last year, much longer than allowed by many state laws.

The car-hailing service said Friday it discovered in September that an Uber database had been breached in May, and immediately restricted access to the database. The company said it started notifying the roughly 50,000 affected drivers this week, and has not received reports of misuse as a result of the incident.

...