Of these incidents involving Chinese GenAI tools, the exposed data types included: 32.8% involving source code, access credentials, or proprietary algorithms; 18.2% including M&A documents and investment models; 17.8% exposing PII such as customer or employee records; and 14.4% containing internal financial data.

Harmonic Security•7/31/2025•

AIGen AI

15% of Google Gemini use by employees was via personal accounts.

Harmonic Security•7/31/2025•

AIGen AI

13.7% of all sensitive prompts analysed in Q2 originated in Microsoft Copilot.

Harmonic Security•7/31/2025•

AIGen AI

Code leakage was the most common type of sensitive data sent to GenAI tools.

Harmonic Security•7/31/2025•

AIGen AI

Generative AI (GenAI) was involved in 70% of real-world AI security incidents.

Adversa AI•7/31/2025•

AIAI security incidents

2.5% of all sensitive prompts analysed in Q2 originated in Claude.

Harmonic Security•7/31/2025•

AIGen AI

5.0% of all sensitive prompts analysed in Q2 originated in Google Gemini.

Harmonic Security•7/31/2025•

AIGen AI

In Q2, the average enterprise saw 23 previously unknown GenAI tools newly used by their employees.

Harmonic Security•7/31/2025•

AIGen AI

47.42% of sensitive employee uploads to Perplexity were from users with standard (non-enterprise) accounts.

Harmonic Security•7/31/2025•

AIGen AI

Sensitive data in files sent to GenAI tools showed a disproportionate concentration of sensitive and strategic content compared to prompt data, with files being the source of 79.7% of all stored credit card exposures, 75.3% of customer profile leaks, 68.8% of employee PII incidents, and ◦ 52.6% of total exposure volume in financial projections.

Harmonic Security•7/31/2025•

AIGen AI

26.3% of ChatGPT use by employees was via personal accounts.

Harmonic Security•7/31/2025•

AIGen AI