A new data leak could affect hundreds of millions of Americans, perhaps more than the nearly 150 million affected by the Equifax breach.

Exactis, a Florida-based marketing and data-aggregation firm, leaked detailed information on individual adults and businesses, a security researcher said. While the exact number of people affected isn’t known, the leak involved about 340 million records on a publicly available server.

Wired was the first to report that the exposed information included phone numbers, home addresses, email addresses and personal characteristics for every name, such as interests and habits, plus the number, age and gender of the person’s children. Other types of information found included religion, whether a person smokes, and type of pet.

No evidence has surfaced that anyone with malicious intent obtained the Exactis data. That makes it different from the Equifax hack, which was a cyberattack on the company’s data.

On the website of Exactis, the company claims to have data on 218 million individuals, including 110 million U.S. households, and 3.5 billion “consumer, business, and digital records.”

Vinny Troia, the security researcher who discovered the leak and reported it to Exactis — which he said has since protected the data — said Thursday that he looked for about 40 or 50 names and everybody he searched for came up. “I searched celebrities, I searched people I know,” he said.

“It seems like this is a database with pretty much every U.S. citizen in it,” Troia, founder of New York-based security company Night Lion Security, told Wired, which also asked Troia to look up names in the database and confirmed the authenticity of some of the information, although some of it was outdated.