New research shows that sensitive corporate data is being unknowingly exposed through generative AI tools like ChatGPT and embedded AI features in everyday apps, highlighting urgent risks for businesses without proper AI governance.

It’s a question many of us in the business world have been asking, and new research has just provided a worrying answer. Sensitive corporate data is being exposed to generative AI tools at a significant rate, and the problem is likely bigger than you think.

According to a recent report from Harmonic Security, sensitive company information appeared in more than 4,4% of prompts and over 20% of files uploaded to generative AI applications in the second quarter of this year alone. This isn’t a new issue, of course, but the scale is increasing as more workplaces adopt these tools. Many employers simply don’t have proper AI policies in place, or they don’t enforce them. This leads to a situation where employees are either using these tools without training or, even more worryingly, in secret.

 

The Numbers Don’t Lie

Harmonic Security’s research is based on a massive sample of one million prompts and 20.000 files submitted to over 300 different generative AI tools and AI-enabled SaaS applications. The findings are quite stark: 43.700 of those prompts (4,4%) and 4.400 of the uploaded files (22%) contained sensitive information.

A large portion of this data exposure comes from personal and free chatbot accounts. The free version of ChatGPT was responsible for about a quarter of the prompts containing sensitive information, while the free version of Google Gemini accounted for another 15% of sensitive prompts. When you look at all tiers—both free and paid—ChatGPT was by far the biggest source of data exposure, followed by Microsoft Copilot and Google Gemini.

The most common type of sensitive data being shared? Proprietary code. The report notes that code was “especially prevalent in ChatGPT, Claude, DeepSeek and Baidu Chat.” Interestingly, the number of prompts with sensitive code was particularly high in Claude, which is often considered a top-tier tool for programmers. Other sensitive information shared with ChatGPT included M&A planning, financial modelling, and investor communications.

 

Invisible Risks in Everyday Tools

What’s even more concerning is that the risk extends beyond dedicated chatbot services. Tools that feel safe—like document editors or design platforms—now often include generative AI features. These features can be trained on user data, creating a data leak risk that completely bypasses traditional security controls. The report found that tools like Canva, Replit, and Grammarly were being used for sensitive tasks such as legal strategy, internal emails, client data, and code. Because these are not typically flagged as “AI tools” by corporate systems, the risk is often invisible.

It’s worth noting that the companies included in Harmonic Security’s study had already deployed the company’s data security tools. This means the actual exposure rate for businesses without such protections could be even higher. The key takeaway is clear: the use of generative AI in the workplace presents a significant and often unmonitored risk to sensitive corporate data. Businesses need to take this seriously, establishing and enforcing clear policies to protect their valuable information.

 

A New Approach to Governance

Companies must adapt their governance to reflect the new shape of AI. “Shadow IT” has long been a problem for security teams, but the rise of AI embedded in mainstream tools has made this challenge even bigger. The old temporary solution was to block any tool in the “AI category,” but this is no longer effective when AI is now a part of the very tools employees rely on every day. In many cases, employees have little to no knowledge they are exposing business data.

This fundamental shift demands a new, data-first governance model. It’s about monitoring what data flows into AI systems, not just which tools are used. To adapt, companies must:

  • Gain visibility into tool usage, including free tiers and embedded tools.
  • Monitor what types of data are entering GenAI systems.
  • Enforce context-aware controls at the data layer.
  • Establish opt-out policies and model training restrictions with vendors.

The tools are already here. The data is already flowing. The only question is whether your company’s governance can catch up in time.

 

Go further with CREAPLUS

Navigating the rapidly changing world of AI requires a strategic approach that prioritises data security. This is where CREAPLUS’ AI and data protection experts can help. We understand the unique challenges of securely implementing AI and can assist your organisation in turning these challenges into smart opportunities, leading to a more secure and resilient future.