Employees could be opening up to OpenAI in ways that put sensitive data at risk. According to a study by security biz LayerX, a large number of corporate users paste Personally Identifiable Information (PII) or Payment Card Industry (PCI) numbers right into ChatGPT, even if they’re using the bot without permission.

In its Enterprise AI and SaaS Data Security Report 2025, LayerX blames the growing, largely uncontrolled usage of generative AI tools for exfiltrating personal and payment data from enterprise environments.

With 45 percent of enterprise employees now using generative AI tools, 77 percent of these AI users have been copying and pasting data into their chatbot queries, the LayerX study says. A bit more than a fifth (22 percent) of these copy and paste operations include PII/PCI.

“With 82 percent of pastes coming from unmanaged personal accounts, enterprises have little to no visibility into what data is being shared, creating a massive blind spot for data leakage and compliance risks,” the report says.

About 40 percent of file uploads to generative AI sites include PII/PCI data, it’s claimed, with 39 percent of these uploads coming from non-corporate accounts.

LayerX monitors data in the browser via an enterprise browser extension, meaning that the company sees only web-based AI interaction and not API calls from apps.

Or Eshed, CEO of LayerX, in response to a question from The Register about whether AI data leakage has caused actual harm, pointed to Samsung’s decision in 2023 to temporarily ban staff usage of ChatGPT after an employee reportedly uploaded sensitive code to the chatbot. He said that having enterprise data leak via AI tools can raise geopolitical issues (e.g. with Chinese AI models like Qwen), regulatory and compliance concerns, and lead to corporate data being inappropriately used for training if exposed through personal AI tool usage.

Users embrace ChatGPT, shun Copilot

The LayerX report says that app usage through non-corporate accounts (shadow IT) is common not only for generative AI (67 percent), but also for chat/instant messaging (87 percent), online meetings (60 percent), Salesforce (77 percent), Microsoft Online (68 percent), and Zoom (64 percent).

In a surprising endorsement of shadow IT, Microsoft recently said it will support personal Copilot account usage in corporate Microsoft 365 accounts. That may be a reflection of Microsoft’s discomfort with the dominance of OpenAI’s ChatGPT, which LayerX says has become the de facto enterprise standard AI tool.

“Amongst all AI apps, ChatGPT dominates enterprise AI usage, with over 9 in 10 employees accessing it compared to far lower adoption of alternatives like Google Gemini (15 percent), Claude (5 percent), and Copilot (~2–3 percent),” the report says, adding that most people (83.5 percent) use just one AI tool.

“We see that users have a preferred AI platform and even if the business has an ‘official’ AI or a licensed one, users pick whatever they want,” Eshed told The Register in an email. “In this case, it is overwhelmingly ChatGPT. In other words, users prefer ChatGPT.”

Asked about the survey’s figures on Microsoft Copilot adoption in enterprises, Eshed cited a report claiming that Microsoft had “a 1.81 percent conversion rate across the 440 million Microsoft 365 subscribers” and noted that number “is almost identical to our findings (about 2 percent).”

ChatGPT’s enterprise penetration comes to 43 percent, LayerX’s report says, approaching the popularity of applications like Zoom (75 percent penetration) and Google services (65 percent) while surpassing the penetration of Slack (22 percent), Salesforce (18 percent), and Atlassian (15 percent).

Overall, the LayerX report finds AI usage in the enterprise is growing rapidly, accounting for 11 percent of all application usage, just behind email (20 percent), online meetings (20 percent), and office productivity applications (14 percent).

Employee affinity for generative AI, the security firm argues, means that CISOs have to get serious about enforcing Single Sign-On (SSO) across every business critical applications if they want to have visibility into data flows.

Asked to provide specifics about the number of customers contributing data for the report, a LayerX spokesperson replied that the company did not want to reveal exact figures on its customer base.

Eshed said LayerX’s client base consists of “dozens of global enterprises and large enterprises (1,000-100,000 users) primarily in financial services, healthcare, services and semiconductors. Most of our customers are in North America but we have customers in all 5 continents and any vertical.” ®