Right when Facebook’s last data controversy seemed to be dying down, another one took its place this week when a security researcher discovered that a popular quiz app called “Nametests” exposed the data of over 120 million users.

The researcher, Inti De Ceukelaire, uncovered the flaw that would’ve allowed anyone to pull information for all of the app’s users, even if they had deleted it. Nametests was responsible for many popular quizzes on Facebook, like “what nationality do I look like?”, “What kind of woman are you?”, and hundreds of other quizzes you often see making the rounds on Facebook. However, these seemingly-innocent questions could’ve come with a steep price.

“I would imagine you wouldn’t want any website to know who you are, let alone steal your information or photos,” De Ceukelaire wrote of the data breach. “Abusing this flaw, advertisers could have targeted (political) ads based on your Facebook posts and friends. More explicit websites could have abused this flaw to blackmail their visitors, threatening to leak your sneaky search history to your friends.”

Thankfully, De Ceukelaire reported the issue to Facebook and it was resolved. The company also says that there’s no evidence it was exploited. But still, it’s not exactly comforting to know the personal information of that many people was floating around the web.