Practical guides to protect yourself, your family, and your business from AI-driven scams, deepfakes, and emerging cyber threats.
A security researcher went looking and found three databases sitting open on the internet. No password. No encryption. Inside were 3.7 million records tied to Sears Home Services: chat transcripts, text logs, and audio recordings of customer phone calls stretching from 2024 to 2026. Anyone who found the web address could read and listen in.
The records came from an AI system, a chatbot and voice assistant the company uses to book appointments and answer customer questions. That detail is the point. The leak is not really about one retailer's slip. It is about what happens to everything an AI assistant hears once a company starts recording it, and where that growing pile of data ends up.
The researcher, Jeremiah Fowler, published his findings through ExpressVPN in March 2026 after discovering the databases in early February. All three were unprotected: no login, no encryption, reachable by anyone who knew where to look. The files referenced two AI systems built by Sears, a customer-facing chatbot called Samantha and a broader scheduling platform called KAIros. The contents were a customer-service operation turned inside out.
It helps to decode what "3.7 million records" actually means here, because the mix matters more than the headline number. More than two million text files held names, phone numbers, and home addresses. Nearly 1.5 million were audio recordings of real phone calls, about 3.9 terabytes in total, each one a recording of a customer's voice. Voice is biometric data (a measurable physical trait that can identify a specific person, the way a fingerprint does), which makes an archive of recorded calls far more sensitive than a spreadsheet of the same facts. Some recordings ran for up to four hours because the customer never hung up, capturing private conversations that had nothing to do with a broken appliance.
No fraud has been tied to this leak, and that is exactly why it is worth your attention now rather than after. The concrete exposure is 3.7 million people's contact details and voices, held by a household name and guarded by nothing. What it means for you is less comfortable. If your organization has rolled out an AI chatbot or a voice agent, that system is quietly building a new archive of everything it is told: every customer's name, problem, and address, and, if it answers calls, their voice. Most security teams keep an inventory of their databases. Far fewer have noticed that a customer-service bot is now one of the largest stores of personal and biometric data they hold. The systemic shift is that AI assistants turn fleeting conversations into permanent, searchable records at a volume no human call center ever produced, and the weak point is almost never the model itself. It is the ordinary cloud storage bucket behind it, left public by a configuration error. That failure mode is as old as the cloud. AI just made the spill far larger and added voices to it. There is a second, subtler danger in exposing a bot's full logs: they can reveal the system's own instructions and guardrails, handing an attacker a manual for how to manipulate it.
The Sears exposure did not need a hacker. It needed a single box left unticked on a database full of things an AI had been told in confidence. As companies rush to put a chatbot on every phone line and support page, each one becomes a growing reservoir of names, addresses, and recorded voices, and every reservoir is one misconfiguration away from the open web. The question to carry into your next review is not whether your AI assistant is helpful. It is where everything it has heard is stored, who can reach it, and how long you intend to keep it.


