The names and driver’s license numbers of current and former Uber drivers may have been exposed after a company database was accessed by an unauthorized third party in May 2014.

Evidence of the “one-time access” was discovered in September. The company then launched an investigation and brought in outside security experts to investigate the incident, according to a statement on company’s blog penned by Katherine Tassi, Uber’s managing counsel of data privacy. 

“To date, we have not received any reports of actual misuse of any information as a result of this incident, but we are notifying impacted drivers and recommend these individuals monitor their credit reports for fraudulent transactions or accounts,” Tassi’s statement said, noting that the company has also filed a “John Doe” lawsuit so it can “gather information that may lead to confirmation of the identity of the third party.”