"The exposed Sears databases uncovered by Fowler, which have since been secured, contained 3.7 million chat logs, plus 1.4 million audio files and plain text transcripts from 2024 to this year. Fowler found that one CSV file about the incident contained 54,359 complete chat logs. Conversations Fowler saw included the chatbot introducing itself as "Samantha, an AI virtual voice agent for Sears Home Services," with the logs also including the name of the company's AI technology "kAIros.""
"The cache of data contained chats in both English and Spanish and included personal information about Sears customers, such as names, phone numbers, home addresses, appliances owned, and information on delivery appointments and repairs."
""The thing to remember is that it is real data of real people," says Fowler, a researcher with Black Hills Information Security. While companies may be able to save money deploying AI, he emphasizes that it is crucial they "don't take any shortcuts when it comes to protecting that data, securing that data.""
Sears Home Services, the largest appliance repair service provider in the US, experienced a significant data breach when security researcher Jeremiah Fowler discovered three publicly exposed databases containing customer conversations with an AI chatbot named Samantha. The exposed data included 3.7 million chat logs, 1.4 million audio files, and text transcripts from 2024 onwards. The databases contained sensitive personal information including customer names, phone numbers, home addresses, appliance details, and appointment information. The AI technology, called kAIros, conducted conversations in both English and Spanish. Fowler emphasized that companies deploying AI must prioritize data security and avoid shortcuts in protecting customer information, as the exposed data represented real people's personal details.
Read at WIRED
Unable to calculate read time
Collection
[
|
...
]