Indian local search service JustDial is facing a data breach of more than 100 million users which included the exposure of data such as names, email IDs, mobile numbers, gender, date of birth, and addresses. Founded over twenty years ago, JustDial (JD) is India’s oldest and leading local search engine for various services.

The man who discovered the breach, Rajshekhar Rajaharia, has said that 70 percent of the data was from users who merely called JustDial’s customer care number. According Rajaharia, an unprotected, publicly accessible API endpoint in the database can be accessed by anyone to view the users’ profile information.

“Even if one would not have used their app or website, if you ever called their customer service, your data may have been leaked.”