Uber reportedly paid US$100,00 (NZ$146,000) to hackers to delete data which they had stolen from the company about 57 million of its customers.
Bloomberg reports Uber's former chief executive Travis Kalanick new about the 2016 breach more than a year ago.
Uber said today in a statement that hackers stole the names, addresses and mobile phone numbers of 57 million users as well as the drivers license numbers and other details of registered drivers.
Uber said earlier this year that it has about 4000 drivers in New Zealand as of May, as well as 300,000 riders.
Uber CEO Dara Khosrowshahi wrote on the Uber page that she wanted to be "honest and transparent as we work to repair our past mistakes".
"In late 2016 we became aware that two individuals outside the company had inappropriately accessed user data stored on a third-party cloud-based service that we use," he wrote.
"Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded.
"However, the individuals were able to download files containing a significant amount of other information.
"We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed.
"We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.
"None of this should have happened, and I will not make excuses for it ... while I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes."
Drivers have been offered free credit monitoring protection, but customers have not.