MGM Resorts International says it was the victim of a data breach last year.

The New York Times reports that the majority of data exposed could be found in a phone book.

While MGM has not officially disclosed how many people were affected, the NY Times reports that a cybercrime monitoring firm called Under the Breach said that “10.6 million people were affected.”

About 1,300 individuals had more sensitive data hacked -- like driver's licenses, passports and military IDs.

The Times reports that the company notified impacted guests in accordance with state law.

MGM didn't say who hacked the data, but that it is working with law enforcement to investigate.

In a partial statement, MGM Resorts says, “we take our responsibility to protect guest data very seriously, and we have strengthened and enhanced the security of our network to prevent this from happening again.”

 

(New York Times contributed to this report.)