The personal information of millions of Uber users was stolen by hackers over a year ago, in a massive cyberattack that the company has now admitted attempting to cover up.

Bloomberg reports that the data of 57 million Uber customers and drivers was breached in October 2016. In a bid to conceal the cyber-theft, senior figures at the ride-hailing firm agreed to pay the attackers responsible $100,000 (around £75,500) to delete the stolen information.

Legally, Uber was obliged to report the security breach to US regulators. However, the company has now admitted that it failed to do so, and also neglected to notify individuals whose personal information had been stolen.

The compromised data included the names, email addresses and phone numbers of 50 million Uber riders around the world, along with the personal details of around 7 million drivers.

The firm’s chief executive, Dara Khosrowshahi, publicly acknowledged both the hack and the attempted cover-up in a statement.

“None of this should have happened, and I will not make excuses for it,” he said. “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”

Uber hushed up massive hack that exposed 57m users’ private information