Trending
Written by: Indusface
1. Work-related files and documents:
One of the most common categories of information shared with AI is work-related files and documents. Over 80% of professionals in Fortune 500 enterprises use AI tools, such as ChatGPT, to assist with tasks such as analysing numbers, refining emails, reports, and presentations.2
However, 11% of data employees paste into ChatGPT is strictly confidential, such as internal business strategies, without fully understanding how the platform processes this data. It is therefore recommended to remove sensitive data when inputting search commands into AI tools.3
2. Personal details:
Personal details such as names, addresses and contact information are often being shared with AI tools daily. Shockingly, 30% of professionals believe that protecting their personal data isn’t worth the effort indicating a growing sense of helplessness and lack of training.
Access to cybersecurity training has increased for the first time in four years, with 1 in 3 (33%) participants using it and 11% having access but not utilizing it. For businesses to remain safe from cyber security threats, it is important to carry out cybersecurity training for staff, upskilling on the safe use of AI.1
3. Client or employee information:
Client information including data that may fall under regulatory or confidentiality requirements is often being shared with AI by professionals.
For business owners or managers using AI for employee information, it is important to be wary of sharing bank account details, payroll, addresses, or even performance reviews as this can violate contract policy and lead to organisation vulnerability due to any potential legal actions if sensitive employee data is leaked.
4. Financial information:
Large language models (LLMs) are often used and are crucial AI models for many generative AI applications, such as virtual assistants and conversational AI chatbots. This can often be used via Open AI models, Google Cloud AI, and many more.
However, the data that helps train LLMs is usually sourced by web crawlers scraping and collecting information from websites. This data is often obtained without users’ consent and might contain personally identifiable information (PII).
Other AI systems that deliver tailored customer experiences might collect personal data, too. It is recommended to ensure that the devices used when interacting with LLMs are secure, with full antivirus protection to safeguard information before it is shared, especially when dealing with sensitive business financial information.
5. Passwords and access credentials:
AI models are designed to provide insights, but not safely secure passwords, and could result in unintended exposure, especially if the platform does not have strict privacy and security measures.
Avoid reusing passwords that may have been used across multiple sites as this could lead to a breach on multiple accounts. The importance of using strong passwords with multiple symbols and numbers has never been more important, in addition to activating two-factor identification to secure accounts and mitigate the risk of cyber attacks.
6. Company codebases and intellectual property (IP):
Developers and employees increasingly turn to AI for coding assistance, however sharing company codebases can pose a major security risk as it is a business’s core intellectual property. If proprietary source code is pasted into AI platforms, it may be stored, processed, or even used to train future AI models, potentially exposing trade secrets to external entities.
Businesses should therefore implement strict AI usage policies to ensure sensitive code remains protected and never shared externally. Additionally, using self-hosted AI models or secure, company-approved AI tools can help mitigate the risks of leaking intellectual property.
Related: The AI Edge in Customer Experience: Merging Automation with Empathy
Methodology:
-
The application security SaaS company, Indusface have uncovered what exactly professionals are sharing with AI and the implications this can have on individuals and businesses.
-
All data is accurate as of January 2025.
Note to editor:
- Cybsafe | The Annual CybersecurityAttitudes and Behaviors Report 2024-2025
- Masterofcode | MOCG Picks: 10 ChatGPT Statistics Every Business Leader Should Know
-
CyberHaven | 11% of data employees paste into ChatGPT is confidential