Shadow AI invades the workplace, up 4x in the last year

You know about shadow IT. Get ready for the shadow AI surge. Employees using unauthorized personal accounts to access GenAI tools are emerging as a growing insider-risk concern for organizations, new research shows. That means workers who have access to sensitive material could be plugging it into their AI platform of choice more frequently, leaving their organization none the wiser. Of the 45 percent of all professionals using AI in the workplace regularly, 67 percent of those were accessing the platforms using personal accounts that were not authorized by their IT teams, data from Verizon's annual data breach investigations report (DBIR) [PDF] showed. Verizon said that the proportion of users accessing AI through personal accounts now represents a fourfold increase in non-malicious insider actions detected across this year's dataset of more than 22,000 breaches globally. We're not just talking about the Gemini, Claude, ChatGPT, and Grok, but also various vibe coding platforms, AI agents, and other external chatbots that could have access to an organization's data in some form. Verizon reported that 28 percent of data loss prevention policy violations involved employees entering source code into an AI tool, potentially exposing an organization's intellectual property. In descending order of prevalence, staff were tossing images, structured data, documents, and PDFs into GenAI platforms as well. In 3.2 percent of cases, workers were uploading proprietary research and technical documentation. This should concern even the most bullish AI adopters, given the volume of potentially sensitive corporate data employees are feeding into unauthorized third-party AI services each day. Verizon said admins should be doing everything they can to prevent users from blindly trusting technology that is putting an increasing number of systems between this potentially sensitive data and the model itself, including by securing all enterprise asset configurations, and ensuring accounts and their permissions are tightly managed. The prevalence of shadow AI has given rise to new thinking around the matter, including by evolving the idea of software bill of materials (SBOMs) to AI-BOMs. You may have come across these already. Cisco open-sourced its AI-BOM earlier this year, for example, and more recently introduced a tool to track AI model provenance. Ian Swanson, VP of AI security products at Palo Alto Networks, told us the other week that AI-BOMs can also play an impactful role in helping incident responders deduce how cyberattacks play out in cases where the attackers use an organization's own AI against it. AI-BOMs give defenders an idea of what any given AI system's configurations were at a given time, allowing them to more easily see what changed and when. "If you had understanding of state and understanding of state changes, then you would be able to go back to an AI bill of materials and say: 'What system prompt was used within the ingredients to create the AI application?' And then see it's changed from a prior state to a new state. So we should probably check this and see if there's anything bad that's happening here," Swanson said. "And in that case, you'd be able to catch it." Bugs, bugs, bugs Away from the growing issue of shadow AI, Verizon said the exploitation of software vulnerabilities is once again the leading cause of security breaches, overtaking credential abuse, which is down 13 percent on last year's results. Organizations' patching habits aren't doing much to help the cause here. The percentage of critical vulnerabilities from CISA's Known Exploited Vulnerabilities (KEV) catalog that were fully remediated was down from 38 to 26 percent in 2025, for example. Verizon also said that the median time to full vulnerability resolution rose by nearly two weeks, from 32 days in 2024 to 43 days last year. That said, defenders have had their work cut out for them, with the number of critical vulnerabilities needing remediation increasing by 50 percent on average. Elsewhere, ransomware featured in nearly half of all breaches covered in the report. Forty-eight percent of them, to be exact, up slightly from 44 percent in the previous year's dataset. Some bright news to end on, however: Verizon continues to see a downward trend in ransom payments being made - 69 percent of victims refused to pay, while the median ransom payment fell from $150,000 to $139,875. (R)