The customer card numbers and personal credit card information of tens of thousands of MoviePass customers have been exposed, TechCrunch reports. A security researcher in Dubai reportedly found a massive, growing database of 161 million MoviePass records. The records included the numbers of MoviePass customer cards, which act like reloadable debit cards filled by the company to allow users to watch films in theaters. The cards’ expiration date, balance, and activation date were also included in some records. Other records included customers’ personal credit card information, expiration dates, addresses, and names—or enough information to make fraudulent purchases. According to TechCrunch, none of the records in the database were encrypted and the database may have been exposed for months because a server was not password protected. The security researcher reportedly contacted MoviePass CEO Mitch Lowe about the database a few days ago, but did not hear back. Once TechCrunch reached out to the company on Tuesday, the database went offline.