
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise - The Hacker News

The Hacker News Archived Mar 18, 2026 ✓ Full text saved



The Hacker News | Oct 07, 2025 | Artificial Intelligence / Browser Security

For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. Far from a future concern, AI is already the single largest uncontrolled channel for corporate data exfiltration—bigger than shadow SaaS or unmanaged file sharing.

The findings, drawn from real-world enterprise browsing telemetry, reveal a counterintuitive truth: the problem with AI in enterprises isn’t tomorrow’s unknowns, it’s today’s everyday workflows. Sensitive data is already flowing into ChatGPT, Claude, and Copilot at staggering rates, mostly through unmanaged accounts and invisible copy/paste channels. Traditional DLP tools—built for sanctioned, file-based environments—aren’t even looking in the right direction.

From “Emerging” to Essential in Record Time

In just two years, AI tools have reached adoption levels that took email and online meetings decades to achieve. Almost one in two enterprise employees (45%) already use generative AI tools, with ChatGPT alone hitting 43% penetration. Compared with other SaaS tools, AI accounts for 11% of all enterprise application activity, rivaling file-sharing and office productivity apps.

The twist? This explosive growth hasn’t been accompanied by governance. Instead, the vast majority of AI sessions happen outside enterprise control. 67% of AI usage occurs through unmanaged personal accounts, leaving CISOs blind to who is using what, and what data is flowing where.
Sensitive Data Is Everywhere, and It’s Moving the Wrong Way

Perhaps the most surprising and alarming finding is how much sensitive data is already flowing into AI platforms: 40% of files uploaded into GenAI tools contain PII or PCI data, and employees are using personal accounts for nearly four in ten of those uploads.

Even more revealing: files are only part of the problem. The real leakage channel is copy/paste. 77% of employees paste data into GenAI tools, and 82% of that activity comes from unmanaged accounts. On average, employees perform 14 pastes per day via personal accounts, with at least three containing sensitive data.

That makes copy/paste into GenAI the #1 vector for corporate data leaving enterprise control. It’s not just a technical blind spot; it’s a cultural one. Security programs designed to scan attachments and block unauthorized uploads miss the fastest-growing threat entirely.

The Identity Mirage: Corporate ≠ Secure

Security leaders often assume that “corporate” accounts equate to secure access. The data proves otherwise. Even when employees use corporate credentials for high-risk platforms like CRM and ERP, they overwhelmingly bypass SSO: 71% of CRM and 83% of ERP logins are non-federated.

That makes a corporate login functionally indistinguishable from a personal one. Whether an employee signs into Salesforce with a Gmail address or with a password-based corporate account, the outcome is the same: no federation, no visibility, no control.

The Instant Messaging Blind Spot

While AI is the fastest-growing channel of data leakage, instant messaging is the quietest. 87% of enterprise chat usage occurs through unmanaged accounts, and 62% of users paste PII/PCI into them. The convergence of shadow AI and shadow chat creates a dual blind spot where sensitive data constantly leaks into unmonitored environments.

Together, these findings paint a stark picture: security teams are focused on the wrong battlefields.
The war for data security isn’t in file servers or sanctioned SaaS. It’s in the browser, where employees blend personal and corporate accounts, shift between sanctioned and shadow tools, and move sensitive data fluidly across both.

Rethinking Enterprise Security for the AI Era

The report’s recommendations are clear, and unconventional:

- Treat AI security as a core enterprise category, not an emerging one. Governance strategies must put AI on par with email and file sharing, with monitoring for uploads, prompts, and copy/paste flows.
- Shift from file-centric to action-centric DLP. Data is leaving the enterprise not just through file uploads but through file-less methods such as copy/paste, chat, and prompt injection. Policies must reflect that reality.
- Restrict unmanaged accounts and enforce federation everywhere. Personal accounts and non-federated logins are functionally the same: invisible. Restricting their use - whether fully blocking them or applying rigorous context-aware data control policies - is the only way to restore visibility.
- Prioritize high-risk categories: AI, chat, and file storage. Not all SaaS apps are equal. These categories demand the tightest controls because they are both high-adoption and high-sensitivity.

The Bottom Line for CISOs

The surprising truth revealed by the data is this: AI isn’t just a productivity revolution, it’s a governance collapse. The tools employees love most are also the least controlled, and the gap between adoption and oversight is widening every day.

For security leaders, the implications are urgent. Waiting to treat AI as “emerging” is no longer an option. It’s already embedded in workflows, already carrying sensitive data, and already serving as the leading vector for corporate data loss.

The enterprise perimeter has shifted again, this time into the browser. If CISOs don’t adapt, AI won’t just shape the future of work, it will dictate the future of data breaches.
The new research report from LayerX provides the full scope of these findings, offering CISOs and security teams unprecedented visibility into how AI and SaaS are really being used inside the enterprise. Drawing on real-world browser telemetry, the report details where sensitive data is leaking, which blind spots carry the greatest risk, and what practical steps leaders can take to secure AI-driven workflows. For organizations seeking to understand their true exposure and how to protect themselves, the report delivers the clarity and guidance needed to act with confidence.

This article is a contributed piece from one of our valued partners.
Article Info
Source: The Hacker News
Category: Insider Threat & DLP
Published: Mar 18, 2026
Archived: Mar 18, 2026