Uber is coming clean about its cover-up of a year-old hacking attack that stole personal information about more than 57 million of the beleaguered ride-hailing service's customers and drivers.

The information includes names, email addresses and phone numbers of of 57 million people around the world, including around 600,000 U.S. drivers, according to a statement released by the company's CEO, Dara Khosrowshahi.

"Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded," the statement said. "At the time of the incident," the statement added, "we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed."

The statement said users' personal information was accessed by two individuals via "a third-party cloud-based service" that Uber uses. Those individuals are no longer with the company, the statement noted.

"I've asked Matt Olsen, a co-founder of a cybersecurity consulting firm and former general counsel of the National Security Agency and director of the National Counterterrorism Center, to help me think through how best to guide and structure our security teams and processes going forward," the statement added.

The hack is the latest in a series of massive breaches - including the hack of that Equifax disclosed in September - that raise serious questions about companies' ability to keep customer data safe in the digital age.

The Associated Press contributed to this story.