
AI's biggest threat isn't hackers—it's accidental data leaks from within

From Samsung's source code slip to DeepSeek's cross-border data flows, AI's security cracks are widening. Can confidential computing plug the leaks before it's too late?


A growing number of high-profile data leaks have exposed serious security gaps in AI systems. Incidents such as Samsung engineers pasting proprietary source code into ChatGPT show the risk of sending sensitive data to centralised AI services that the business does not control. New research now shows that data security has become the biggest obstacle for businesses scaling artificial intelligence.

The problem extends beyond accidental leaks: industry surveys report that unauthorised data access by AI agents is widespread, with four in five organisations encountering risky behaviour from these systems. The Samsung case, in which employees unintentionally submitted proprietary source code to ChatGPT in 2023, showed the structural weakness of centralised inference: prompts and responses pass through a third party's infrastructure, where they may be logged and retained under that provider's policies rather than the customer's. Such leaks carry real financial consequences, because sensitive corporate data ends up in the hands of third parties.

A separate case involved DeepSeek, a Chinese AI developer. South Korea's data protection regulator, the Personal Information Protection Commission, found that the company had been transferring South Korean users' prompts to servers in China operated by ByteDance. The finding raised concerns about cross-border data flows and the lack of transparency about where AI prompts are actually processed.

Industry reports underline the scale of the challenge. McKinsey's State of AI 2025 found that data security concerns rose by 10 percentage points year-on-year, overtaking other barriers to enterprise AI adoption. Industry surveys also report that 80% of organisations have experienced risky AI-agent behaviour, including unauthorised access to confidential information. Gartner predicts that, by 2029, 75% of processing on untrusted infrastructure will require trusted execution environments (TEEs) to mitigate these risks.

In response, tech giants and startups are building confidential-computing offerings. NVIDIA, Apple, Meta, Google Cloud and AWS now offer confidential computing products designed to protect AI workloads, and blockchain-based projects such as NEAR, Phala and Nillion use TEEs and multi-party computation (MPC) to run encrypted AI inference at near-normal speeds. The common goal is that sensitive data never sits in plaintext where the infrastructure operator can read it. In a TEE, data is decrypted only inside a hardware-isolated, memory-encrypted execution context that the host operating system, hypervisor and cloud operator cannot inspect, and remote attestation lets the client verify which code is running before it sends a prompt. The attestation step is what makes this meaningful: an enclave that happens to run a prompt-logging server is still an enclave, so the client has to check the measured code against a policy, not just the presence of hardware isolation. With MPC, the data is split into shares so that no single party ever holds the plaintext.
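As an added example (not code from the article or from any of the vendors it names), the following Python models the client-side gate that a confidential-inference deployment relies on: the prompt is encrypted only after a signed attestation report proves the remote enclave is running an approved binary, and the report binds the enclave's ephemeral Diffie-Hellman key so a host operator cannot substitute its own. The enclave class, the allowlisted binary, the prompt text and the attestation key are constructed for the example; an HMAC stands in for the CPU vendor's attestation signature, and a SHA-256 counter-mode keystream with an HMAC tag stands in for a real AEAD, because the block uses only the standard library.

```python
import hashlib
import hmac
import json
import secrets

# RFC 3526 group 14 (2048-bit MODP); a real client would use ECDH from a vetted library.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2

# Example assumptions: an HMAC key stands in for the CPU vendor's attestation signing
# key; the "binary", its allowlisted measurement and the prompt are constructed.
ATTESTATION_KEY = secrets.token_bytes(32)
TRUSTED_IMAGE = b"inference-server v1.4 (constructed stand-in for the enclave binary)"
ALLOWED_MEASUREMENTS = {hashlib.sha256(TRUSTED_IMAGE).hexdigest()}
PROMPT = b"review this proprietary source file: int main() { return secret(); }"

def _derive_key(shared: int) -> bytes:
    return hashlib.sha256(b"confidential-inference-v1" + shared.to_bytes(256, "big")).digest()

def seal(key: bytes, label: bytes, plaintext: bytes) -> tuple:
    # Toy AEAD (stand-in for AES-GCM): SHA-256 counter-mode keystream + HMAC over label||ct.
    # The key is fresh per session and the label separates the two directions.
    out = bytearray()
    for i in range(0, len(plaintext), 32):
        block = hashlib.sha256(key + label + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(plaintext[i:i + 32], block))
    return bytes(out), hmac.new(key, label + bytes(out), hashlib.sha256).digest()

def open_(key: bytes, label: bytes, ciphertext: bytes, tag: bytes) -> bytes:
    if not hmac.compare_digest(hmac.new(key, label + ciphertext, hashlib.sha256).digest(), tag):
        raise ValueError("ciphertext failed authentication")
    return seal(key, label, ciphertext)[0]  # XOR keystream is its own inverse

class InferenceEnclave:
    # Server side: the code whose identity the client checks before sending anything.
    def __init__(self, code: bytes):
        self.measurement = hashlib.sha256(code).hexdigest()  # hash of the loaded binary
        self._priv = secrets.randbits(256)
        self.pub = pow(G, self._priv, P)
        self.host_visible_log = []  # everything the hosting operator can observe

    def attest(self, client_nonce: bytes) -> dict:
        # report_data binds the ephemeral key and the client nonce: no key swap, no replay.
        report = {"measurement": self.measurement, "pub": format(self.pub, "x"),
                  "report_data": hashlib.sha256(self.pub.to_bytes(256, "big") + client_nonce).hexdigest()}
        sig = hmac.new(ATTESTATION_KEY, json.dumps(report, sort_keys=True).encode(), hashlib.sha256).hexdigest()
        return {"report": report, "signature": sig}

    def serve(self, client_pub: int, ciphertext: bytes, tag: bytes) -> tuple:
        key = _derive_key(pow(client_pub, self._priv, P))
        prompt = open_(key, b"client->enclave", ciphertext, tag)
        self.host_visible_log.append(ciphertext)  # only ciphertext ever leaves the enclave
        answer = b"ANSWER:" + prompt.upper()  # stand-in for running the model
        return seal(key, b"enclave->client", answer)

def verify_attestation(att: dict, client_nonce: bytes, allowed: set) -> int:
    """Return the enclave's DH public key only if every check on the report passes."""
    report = att["report"]
    expected = hmac.new(ATTESTATION_KEY, json.dumps(report, sort_keys=True).encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, att["signature"]):
        raise ValueError("attestation signature invalid")
    if report["measurement"] not in allowed:  # policy: only approved binaries get prompts
        raise ValueError("enclave is not running an approved binary")
    pub = int(report["pub"], 16)
    if not 1 < pub < P - 1:
        raise ValueError("invalid DH public value")
    binding = hashlib.sha256(pub.to_bytes(256, "big") + client_nonce).hexdigest()
    if not hmac.compare_digest(binding, report["report_data"]):
        raise ValueError("report_data does not bind this key and nonce")
    return pub

def submit_prompt(enclave: InferenceEnclave, prompt: bytes, allowed: set) -> bytes:
    # Client side: attest first, encrypt to the attested key, only then send.
    nonce = secrets.token_bytes(16)
    enclave_pub = verify_attestation(enclave.attest(nonce), nonce, allowed)
    priv = secrets.randbits(256)
    key = _derive_key(pow(enclave_pub, priv, P))
    ct, tag = seal(key, b"client->enclave", prompt)
    resp_ct, resp_tag = enclave.serve(pow(G, priv, P), ct, tag)
    return open_(key, b"enclave->client", resp_ct, resp_tag)

def demo() -> dict:
    good = InferenceEnclave(TRUSTED_IMAGE)
    answer = submit_prompt(good, PROMPT, ALLOWED_MEASUREMENTS)
    tampered = InferenceEnclave(TRUSTED_IMAGE + b" + prompt logger")  # different measurement
    try:
        submit_prompt(tampered, PROMPT, ALLOWED_MEASUREMENTS)
        rejected = False
    except ValueError:
        rejected = True
    return {"answer": answer, "tampered_rejected": rejected,
            "host_saw_plaintext": any(PROMPT in entry for entry in good.host_visible_log)}
```

`demo()` runs the flow twice: against the approved image, where the client gets its answer back and the host-visible log holds only ciphertext, and against an image with extra logging code, where the measurement no longer matches the allowlist and the client refuses before any prompt bytes leave it. The order of checks is the one that carries over to real SEV-SNP, TDX or SGX reports: verify the signature against the vendor's certificate chain, apply the measurement policy, then confirm that the report's `REPORT_DATA` field binds the key you are about to encrypt to, so that the host cannot proxy a genuine report for an enclave it does not control.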

The shift reflects a broader recognition that the prompts and tool outputs of agentic AI systems often carry embedded strategic information, such as source code and business plans. Prompt confidentiality is therefore no longer just a privacy issue but a core security requirement for businesses handling sensitive operations. As AI adoption accelerates, the financial and operational risks of exposure are pushing companies toward encrypted alternatives, and centralised inference services that log and retain prompts are increasingly seen as a liability. TEEs and confidential computing are gaining traction, but widespread implementation will depend on balancing security with performance.

The pressure is now on enterprises to rethink how they deploy AI—before the next high-profile leak forces their hand.
