Lessons From A Chatbot Incident

A security researcher discovered three publicly accessible databases containing ~3.7 million Sears Home Services records (chat transcripts, audio, transcriptions) that exposed PII and sensitive content due to unprotected, unencrypted storage; the databases have since been secured and the report highlights broader AI-chatbot data management risks, biometric/voice-cloning concerns, and the need for zero-trust, data minimization, and continuous monitoring.