But for safety's sake, any AOL email users should change their passwords now, rather than wait to find out whether they were affected or not.
It's believed — so far — that customer data from other AOL accounts has not been compromised.
If you don't have AOL email, watch out for anything you get from an AOL address, especially emails with either no subject heading, or a vague and meaningless one. (My recently received AOL spoof emails had either blank subject headings, the word “Hi!” or the heading “FW:” followed by blank space.)
Ideally you should not even open such an email, but if you do, make sure you do not click on any links inside, nor open any attachments the email might have — doing so will almost certainly result in some very nasty malware infecting your computer.