Enterprise AI Data Uploads Double in One Year

▼ Summary
– Employee transfers of sensitive enterprise data to AI tools increased 93% year-over-year, with over 18,033 TB of data uploaded.
– Over half of data transfers came from Grammarly (38%) and ChatGPT (21%), with other tools including OpenAI, Codium, and GitHub Co-Pilot.
– DLP violations related to ChatGPT reached 410 million, a 99% increase, involving financial records, PII, source code, and healthcare data.
– The report warns that convenience-driven tools like writing and coding assistants pose high risk by accessing sensitive content at creation.
– Zscaler recommends inventorying AI apps, disabling risky defaults, applying zero trust, and enforcing inline inspection to mitigate cybersecurity risks.
The volume of sensitive corporate data uploaded to AI and machine learning platforms has nearly doubled over the past year, significantly amplifying the risk of data breaches and corporate espionage, according to a new cybersecurity report. The Zscaler 2026 AI Threat Report, released June 17, reveals a staggering 93% year-over-year increase in employees transferring proprietary data to AI tools.
A full 38% of these transfers were driven by Grammarly, and 21% by ChatGPT, making these two applications the primary culprits in over half of all data uploads. Other frequently used tools included OpenAI, Codium, GitHub Co-Pilot, Perplexity, Microsoft Co-Pilot, Google Gemini, and Claude. In total, Zscaler recorded 18,033 terabytes of data , the equivalent of roughly 3.6 billion digital photos , being fed into AI and ML applications over the past year.
The report also flagged over 410 million Data Loss Prevention (DLP) policy violations related to ChatGPT alone, a 99% jump from the previous year. These violations involved financial records, personally identifiable information (PII), source code, healthcare data, and other regulated content. While most employees are not acting maliciously , they are simply trying to boost productivity by using AI , the privacy implications are severe.
“The riskiest AI applications tend to be those that employees use without thinking , writing assistants, coding helpers, or AI features layered into collaboration suites,” the report warned. “Their convenience is exactly what makes them higher risk; they see the same sensitive content employees do, often at the moment it’s created.”
The coding assistant Codium also emerged as a major vector for DLP violations, with over 242 million incidents detected , a 100% year-over-year increase. This trend suggests a growing risk of source code and proprietary logic exposure, which could be highly damaging to businesses.
To help organizations mitigate these risks, Zscaler recommends a multi-pronged approach. First, companies should inventory all GenAI apps and apps with embedded AI functionality, creating a continuously updated catalog of every standalone AI tool and every SaaS or internal app that includes AI features. Second, they should disable risky AI defaults by turning off auto-enabled AI functionality in SaaS and productivity apps until each feature is reviewed and configured to match the organization’s risk posture. Third, organizations should apply zero trust to all model interactions, implementing least-privilege access for every user, service, and system that interacts with an AI model. Finally, they should enforce AI guardrails with inline inspection across all AI/ML traffic to prevent external malicious activity from compromising AI systems and to stop sensitive data from being exposed via prompts or outputs.
The findings are based on analysis of 989.3 billion total AI and ML transactions in the Zscaler cloud from January 2025 through December 2025.
(Source: Infosecurity Magazine)




