Skip to content

Photo by iStock

43 Percent of Workers Plug Sensitive Work Information into AI Tools

By Claire Meyer
6 October 2025

Today in Security

Nearly two-thirds of the 6,500 individuals across seven countries polled by the National Cybersecurity Alliance (NCA) and CybSafe said they now use artificial intelligence (AI) tools—a 21 percent jump from last year. Despite the rapid adoption, 58 percent of users reported receiving no training on security or privacy risks related to AI use.

Safe practices are lagging so far behind that organizational data is increasingly at risk, found the report, Oh Behave! The Annual Cybersecurity Attitudes and Behaviors Report 2025-2026. Most users said they use ChatGPT and other AI-based chat tools, and 43 percent said they share sensitive workplace information with AI tools without their employers’ knowledge, including internal company documents (50 percent), financial data (42 percent), and client data (44 percent).

Users may be unaware (or uncaring) that interactions with chatbots are typically added to those systems’ training data, so any information input no longer is strictly private, ZDNet reported. “Paired with a lack of proper security training, this could land individuals and businesses hoping to streamline workflows and improve productivity in hot water,” the article said.

“People are embracing AI in their personal and professional lives faster than they are being educated on its risks,” said Lisa Plaggemier, executive director of the NCA, in a press release. “Without urgent action to close this gap, millions are at risk of falling victim to AI-enabled scams, impersonation, and data breaches.”

That’s not to say users don’t recognize the risks inherent in AI tools and growth. Nearly two-thirds of respondents expressed concern about AI-related cybercrime. They are particularly worried about AI making it easier to impersonate people (65 percent) and make it harder to distinguish between false and real information (67 percent).

Cybercrime victimization—including cryptocurrency scams, phishing, identity theft, tech support scams, and romance fraud—has risen sharply, with 44 percent of respondents reporting they experienced cybercrime that led to data or monetary loss. That marks a 9 percent increase from last year’s report. Younger generations were hit hardest, with more than half of the Gen Z and Millennial respondents reporting losses.

Further contributing to this environment, cybersecurity training overall is falling behind, the report said. More than half of survey participants said they have no access to cybersecurity training, and among those with access, only 32 percent use it. Users skip training because of time constraints and doubts about its effectiveness. But that lack of training and buy-in has real-world consequences, including data breaches and financial losses, the report said.

Focus on Warehouse and Distribution Center Security

How to Secure the Modern Warehouse

Phantom Freight Scams Boost Cargo Crime Rates

Why Violence Risk in High-Turnover Environments Is a Leadership and HR Governance Problem

Scrap Disposal: When the End of the Supply Chain Becomes a Brand and Public Safety Risk

Scan Here for Security

Best of Security Management

How to Create and Maintain an Effective SOC

A Cascading Crisis: U.S. Federal Prisons Grapple with Decades of Unsafe Understaffing

The Other Side of the Looking Glass: Providing Security for Marches and Rallies

Is Your Workplace Toxic? Here's What You Need to Do

Preventing Workplace Violence: Holistic Support Starts with Listening to Nurses

What to Add to a Rules of Engagement Document
arrow_upward