LAS VEGAS (KLAS) — In a statement on Wednesday, MGM Resorts announced the company was the victim of a major data breach in the summer of 2019. They have not confirmed an exact number, but according to the New York Times, upwards of 10 million people could have been impacted.

A spokesperson for MGM Resorts said the majority of the information was what is known as “phonebook data,” which includes first/last names and phone numbers. MGM Resorts said no financial information was exposed.

Below is the statement sent to 8 News Now:

“Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. We are confident that no financial, payment card or password data was involved in this matter. MGM Resorts promptly notified guests potentially impacted by this incident in accordance with applicable state laws. Upon discovering the issue, the Company retained two leading cybersecurity forensics firms to assist with its internal investigation, review and remediation of the issue. At MGM Resorts, we take our responsibility to protect guest data very seriously, and we have strengthened and enhanced the security of our network to prevent this from happening again.”

MGM Resorts Spokesperson

The spokesperson would not give an exact number due to “many duplicates” being included in the breach.