If you have an iPhone with AT&T, there's a good chance your info has been stolen

The vast majority of the compromised passcodes belong to some 65.4 million current and former AT&T customers. However, the company has reset passcodes for 7.6 million of its current customers, in the typical abundance of caution often cited.

The passcodes are usualy four-digit numbers used to help verify customer accounts when they are being accessed by customers or AT&T support staff. No account passwords were compromised in the breach.

Although the passcodes and other information were encrypted, it remains possible to decipher the data. In addition to the passcodes, the data leaked includes customer names, dates of birth, home addresses, phone numbers, and Social Security numbers.

The stolen data was first reported on hacker forums in 2021. AT&T denied that the hack was real — until now.

The company continues to say that it does not have any evidence of "unauthorized access to its systems resulting in exfiltration of the data set."

It has set up a new webpage reporting the incident, with tips on how customers can keep their account secure.

"Our internal teams are working with external cybersecurity experts to analyze the situation," AT&T said in its statement. It added that the compromised data "does not contain personal financial information or call history," and the company will be offering complimentary identity theft and credit monitoring services to affected customers.