The firm called Exactis left the record of 340 million people and businesses on a publicly accessible server. That means that anyone could have accessed those records at any time. The exposed records were identified by a New York security researcher earlier this month, who alerted the company and law enforcement, reports Wired. Exactis has since protected the data–all 2 terabytes worth, which is estimated to have contained records on 230 million American citizens and 110 million businesses.
That data included names, phone numbers, addresses, and emails as well as over 400 other personal characteristics such as if someone is a smoker or owns pets, their religion, whether they have children, and even their interests. It appears that social security numbers were not included in the data–although given everything else the data contained, that’s not much of a consolation.