2026-02
Data Leakage
Sears Home Services (Transformco)

Sears Home Services AI chatbot leaked 3.7M call recordings and chat logs

What happened

Security researcher Jeremiah Fowler discovered three publicly exposed, unencrypted databases tied to Sears Home Services AI voice and chat agents. The data spanned 2024 to 2026 and included recordings where the bot kept capturing audio long after calls should have ended.

Impact

About 3.7 million records were exposed, including roughly 1.4 million customer call recordings plus chat transcripts and PII such as names, addresses, and emails.

How this could have been prevented

AI voice and chat logs are sensitive PII stores that require authentication and encryption, and recording sessions must terminate deterministically.

Sources

More data leakage incidents

Would runtime governance have caught this?

Guardion enforces policy on every agent action inline — with visibility, tamper-evident evidence, and DLP for agents and MCPs.

Request a demo