Despite having only five remaining retail outlets, Sears still has an active and widely used Home Services division, complete with an AI chatbot. Unfortunately, that chatbot was reportedly quietly leaking customer conversations to anyone who knew where to look, according to WIRED.
Security researcher Jeremiah Fowler discovered three publicly accessible databases last month containing 3.7 million chat logs, 1.4 million audio files, and transcripts captured between 2024 and this year, according to WIRED‘s report. The exposed data included customer names, phone numbers, home addresses, appliance information, and details about repair and delivery appointments.
The data has since been secured after Fowler notified Transformco, the company that owns Sears and Sears Home Services. Transformco did not respond to WIRED’s requests for comment.
Mashable Light Speed
What’s most unsettling about the report may be the hours-long audio files from customers who thought the calls with the AI chatbot, named Samantha, had long since ended. Several recordings ran for up to four hours, potentially capturing private conversations, background TV, and ambient household noise that customers had no idea was being recorded.
“The thing to remember is that it is real data of real people,” Fowler told WIRED, adding that companies rushing to deploy AI cannot afford to cut corners on data security.
As of the writing of this article, Transformco has not publicly addressed the breach.
