Research by LayerX reveals that more and more employees are pasting sensitive business information into AI chatbots.
45 percent of employees use generative AI, of which 77 percent have copied and pasted data into the chatbot. This emerges from a report by security company LayerX. Copy and paste has become the biggest blind spot, often via personal and unmanaged accounts. File uploads to generative AI sites also often contain sensitive data, according to the research this accounts for 40 percent of file uploads. Of these, 39 percent of uploads come via non-business accounts. This transforms such AI platforms into hotspots for data breaches.
File Uploads
LayerX publishes a report on the actual use of AI in enterprises. It shows that AI has become a core category in a short time: 45 percent of employees use AI tools, accounting for 11 percent of all enterprise activity, the company claims. ChatGPT is by far the most popular application, with 43 percent penetration.
The report states that 40 percent of files uploaded to generative AI tools contain personally identifiable information (PII) or Payment Card Industry (PCI) numbers. About four out of ten uploads happen via non-business accounts. This makes these platforms hotspots for data breaches and compliance risks, according to the company.
Copy and Paste
Files are not the only problem. Copy and paste has evolved into the primary channel for uncontrolled data flows. 77 percent of users paste data into AI prompts. 82 percent of that activity happens via unmanaged accounts.
GenAI accounts for 32 percent of all paste-exfiltration from corporate to personal environments. In chat apps the risk is highest: 62 percent of users paste PII/PCI there, of which 87 percent via non-corporate accounts.