- Genai tools like ChatGPT are redefining shadow IT risks in corporate environments, report finds
- Employees pasted PII/PCI into Genai tools, primarily from unmanaged personal accounts
- Companies face significant blind spots in data leakage and compliance due to unsupervised use of Genai, experts say.
ChatGPT and other generative artificial intelligence (Genai) tools are transforming what “shadow risk” means, new research has found, as employees are becoming too open, and many have even provided personally identifiable information (PII) or payment card industry (PCI) information to the tool voluntarily.
Shadow IT is the practice of using programs and applications in a business environment that have not been approved or vetted by the IT Security Department. Employees often use apps that aren’t allowed because it’s easy and convenient: things like web-based image-to-PDF converters, WhatsApp, personal cloud storage solutions like Dropbox, and the like.
But Layerx research claims this is opening businesses up to all sorts of cyber risks, from the introduction of malware and ransomware into corporate infrastructure, to leaking sensitive data through unprotected cloud storage or uploading classified documents to shady services.
Pasting secrets
The company’s latest AI and SaaS Data Security 2025 report found that nearly half (45%) of enterprise employees are now using generative AI in one form or another.
Of those, more than three-quarters (77%) have been copying and pasting data into the tool, and almost a quarter (22%) have done the same with PII/PCI.
“With 82 percent of money coming from unmanaged personal accounts, companies have little to no visibility into what data is being shared, creating a massive blind spot for data leakage and compliance risks,” the report says.
Additionally, approximately two in five files uploaded to generative AI sites also contain this type of information, while 39% of these uploads come from non-corporate accounts.
ChatGPT is by far the most popular Genai tool, with over 90% of employees using it. The vast majority (about 83%) use only one tool. Other notable mentions include Gemini (15%), Claude (5%), and Copilot (around 3%).
Through The record
Follow TechRadar on Google News and Add us as a preferred source To get our news, reviews and expert opinion in your feeds. Make sure you click the Force button!
And of course you can too Follow TechRadar on Tiktok For news, reviews, decryptions in video form and get regular updates from us on WhatsApp also.
