Employees are uploading sensitive company data to ChatGPT and other AI tools at an alarming rate, with security violations nearly doubling year-over-year. A new report found that the amount of sensitive enterprise data transferred to artificial intelligence and machine learning applications almost doubled in the last year, putting organizations at increased risk of data breaches and cyber espionage.

Why Are Employees Sending Sensitive Data to ChatGPT?

The Zscaler 2026 AI Threat Report, published on June 17, revealed a 93% year-over-year increase in employees transferring enterprise data to AI tools. The culprits are often the most convenient applications. Over half of these data transfers were driven by staff using two tools in particular: Grammarly, which accounted for 38% of transfers, and ChatGPT, which accounted for 21%.

The problem is that employees are not typically acting with malice. Rather, they are attempting to transfer data to AI models to help them be more efficient at work. A software developer might paste proprietary code into ChatGPT to debug it faster. A financial analyst might upload a spreadsheet of customer records to get help organizing data. A marketer might paste confidential campaign strategies into Grammarly to improve their writing. The convenience is exactly what makes these tools risky.

What Data Is Being Exposed?

The scale of the problem is staggering. Zscaler identified over 410 million Data Loss Prevention (DLP) policy violations related to ChatGPT alone, representing a 99% year-over-year increase. These violations were related to sensitive information such as financial records, personally identifiable information (PII), source code, healthcare data, and other regulated content.

In total, 18,033 terabytes of data was transferred to AI and machine learning applications during the last year, roughly equivalent to 3.6 billion digital photos. The AI coding assistant Codium also represented a significant vector for data leakage, with over 242 million DLP violations detected by Zscaler, representing a 100% year-over-year increase. This suggests increased leakage risk for source code and proprietary logic, something which could be highly damaging to businesses.

"The riskiest AI applications tend to be those that employees use without thinking, writing assistants, coding helpers, or AI features layered into collaboration suites. Their convenience is exactly what makes them higher risk; they see the same sensitive content employees do, often at the moment it's created," warned the report.

Zscaler 2026 AI Threat Report

How to Protect Your Organization From AI Data Leaks

To counter the potential cybersecurity risks around the increased use of AI by employees, security experts recommend a multi-layered approach. Organizations should implement controls across all AI tools, not just the most popular ones.

• Inventory All GenAI Apps: Create a continuously updated catalog of every standalone generative AI tool and every software-as-a-service (SaaS) or internal app that includes AI functionality or features, so you know what employees are actually using.
• Disable Risky AI Defaults: Turn off auto-enabled AI functionality in SaaS and productivity apps until they have been reviewed and configured to match your organization's risk tolerance and security policies.
• Apply Zero Trust to Model Interactions: Implement least-privilege access for every user, service, and system that interacts with an AI model, ensuring that employees can only access the tools they genuinely need for their role.
• Enforce AI Guardrails With Inline Inspection: Ensure inline inspection across all AI and machine learning traffic to prevent external malicious activity from compromising AI systems and stop sensitive data from being exposed via prompts or in outputs.

The findings in the report are based on analysis of 989.3 billion total AI and machine learning transactions in the Zscaler cloud from January 2025 through December 2025, making it one of the largest datasets available on real-world AI security risks.

As organizations continue to adopt AI tools to improve productivity, the challenge is balancing innovation with security. The dramatic increase in policy violations suggests that many companies have not yet implemented adequate controls to prevent sensitive data from leaking into public AI models. For IT and security teams, the message is clear: shadow AI, the use of unapproved tools by employees, is exposing the same governance failures that cybersecurity teams have struggled with for years.