Information leaks in AI: the risk to sensitive data, reputation and compliance

December 30, 2025

Generative AI has accelerated the digitalisation of processes across all sectors. Its use now extends to critical business functions, from virtual assistants and recommendation engines to corporate copilots. But with this adoption comes a key question: what happens to sensitive data when interacting with these models?

The OWASP Top 10 for LLM Applications lists the unintentional exposure of sensitive data as one of the main threats posed by generative models: entry LLM02:2025 Sensitive Information Disclosure ranks it as a critical risk, especially where the model has access to personal data, intellectual property or confidential documentation.

So information leaks in AI environments are not only the result of sophisticated cyberattacks. A poorly designed prompt, a default configuration or an uncontrolled integration is enough for sensitive data to end up where it should not, often without anyone noticing.

From prompts to loss of control

A common leakage vector is the combination of free-form prompts with connectivity to internal sources or SaaS applications. For example, a corporate assistant connected to a CRM or a document base that does not filter retrieved content by the requester's permissions can return critical information to unauthorised users simply because they asked in the right words: the retrieval layer finds the best-matching document regardless of who is allowed to read it.
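The following is an added example, not code from the article or from Telefónica Tech, showing the difference between a retrieval layer that ignores the requester and one that applies the document ACL before anything reaches the prompt. An in-memory list stands in for the CRM or document base and a keyword overlap stands in for vector similarity; the users, groups, document texts and ACLs are constructed for the demo, and the helper names are assumptions.

```python
"""Permission-aware retrieval for a corporate assistant wired to a document base.

Added example, not code from the article or from Telefónica Tech. An in-memory
list stands in for the CRM / document store and keyword overlap stands in for
embedding similarity; users, groups, texts and ACLs below are constructed.
"""
from __future__ import annotations

import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Document:
    doc_id: str
    text: str
    allowed_groups: frozenset[str]   # ACL stored with the document, never in the prompt


@dataclass(frozen=True)
class User:
    name: str
    groups: frozenset[str]


@dataclass
class AuditRecord:
    """Per-query trace: who asked what, what ranking alone would have served,
    what was actually served and what the ACL blocked."""
    user: str
    query: str
    candidate_ids: list[str]
    served_ids: list[str]
    blocked_ids: list[str]


# Constructed sample corpus. The group "all" marks documents anyone may read.
CORPUS = [
    Document("crm-0417",
             "Contract renewal for ACME: annual value 1.2M EUR, discount 18%, contact J. Doe",
             frozenset({"sales"})),
    Document("hr-0092", "Salary band for senior engineers: 85k to 110k EUR", frozenset({"hr"})),
    Document("pub-0001", "Company holiday calendar 2025", frozenset({"all"})),
]

_WORD = re.compile(r"\w+")


def _score(query: str, doc: Document) -> int:
    """Keyword overlap as a stand-in for embedding similarity."""
    return len(set(_WORD.findall(query.lower())) & set(_WORD.findall(doc.text.lower())))


def can_read(user: User, doc: Document) -> bool:
    return bool(doc.allowed_groups & (user.groups | {"all"}))


def rank(query: str, docs: list[Document], k: int) -> list[Document]:
    scored = [(_score(query, d), d) for d in docs]
    scored = [(s, d) for s, d in scored if s > 0]
    scored.sort(key=lambda sd: sd[0], reverse=True)
    return [d for _, d in scored[:k]]


def retrieve_unfiltered(query: str, corpus: list[Document], k: int = 3) -> list[Document]:
    """The leaky design: retrieval does not know who is asking, so whatever
    matches the query best goes into the prompt."""
    return rank(query, corpus, k)


def retrieve_for_user(user: User, query: str, corpus: list[Document], k: int = 3) -> list[Document]:
    """Hardened: the ACL is applied before ranking, so a chunk the user may
    not read never enters the context window (and cannot be talked out of it)."""
    return rank(query, [d for d in corpus if can_read(user, d)], k)


def build_context(user: User, query: str, corpus: list[Document] = CORPUS,
                  k: int = 3) -> tuple[str, AuditRecord]:
    """Assemble the retrieved context for the model and the audit record that
    makes the decision traceable afterwards."""
    candidates = retrieve_unfiltered(query, corpus, k)
    served = retrieve_for_user(user, query, corpus, k)
    record = AuditRecord(
        user=user.name,
        query=query,
        candidate_ids=[d.doc_id for d in candidates],
        served_ids=[d.doc_id for d in served],
        blocked_ids=[d.doc_id for d in candidates if not can_read(user, d)],
    )
    context = "\n".join(f"[{d.doc_id}] {d.text}" for d in served) \
        or "(no documents the user is entitled to read)"
    return context, record


if __name__ == "__main__":
    question = "What discount did ACME get on the contract renewal?"
    for who in (User("alice", frozenset({"sales"})), User("bob", frozenset({"marketing"}))):
        ctx, rec = build_context(who, question)
        print(rec)
        print(ctx, end="\n\n")
```

The point of the audit record is that `candidate_ids` minus `served_ids` tells you, per query, which documents a user tried to reach and could not, which is exactly the trail a later investigation needs. Filtering after ranking (or, worse, asking the model to "only answer if the user is authorised") leaves the sensitive text in the context and relies on the model to withhold it.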

A misconfiguration or poorly designed prompt can expose sensitive data without anyone realising it.

To this we must add inference and extraction attacks, where a user reconstructs part of the training data (membership inference, training-data extraction) or of the model's working context (system prompt, earlier turns, retrieved documents) through carefully chosen queries, without any direct access to the original data.

The risk also grows in shared or multi-tenant deployments where many people use the same system. A configuration error in session or tenant isolation could expose one user's personal data, intellectual property or other sensitive information to another.

Impact on compliance, reputation and trust

Information leakage in AI is not just a technical incident. It is a failure that can damage the trust of customers, employees, partners and regulators. In regulated sectors such as healthcare, finance or public administration, it can lead to penalties for breaching regulations such as the GDPR, the Artificial Intelligence Act or the NIS2 directive. Even outside the legal framework, reputational damage and loss of trust can threaten business continuity.

Unlike other types of breaches, AI-related leaks are harder to trace. The model does not store data like a traditional database, but it can generate content that reveals sensitive information if that information was exposed during training, operation or through queries to internal repositories via architectures like RAG, as explained in our article on retrieval poisoning.

Information leaks in AI are not merely technical errors. They are failures that compromise trust, compliance and business continuity.

That is why traceability and supervision of interactions with AI models have become a priority for organisations seeking to move forward without compromising their critical information.

A comprehensive strategy to mitigate risk

At Telefónica Tech we address this risk with a comprehensive perspective, aligned with our Secure Journey to AI framework. Preventing information leaks requires combining technology, governance and continuous oversight.

  • Risk identification. We conduct audits on access and usage to detect insecure configurations, unauthorised access or unintended exposure. This includes analysis of prompts, activity logs and data flows across the system.
  • Active protection. We implement IAM (Identity and Access Management) controls, DLP (Data Loss Prevention) policies, information classification and permission segmentation, reinforced with strong authentication and role-based access control.
  • Monitoring and response. We establish prompt and response traceability, monitor system activity with advanced telemetry and trigger alerts in case of anomalous behaviour. Our AI-specialised SOC enables a rapid response to any indication of leakage or unauthorised access.
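As an added example of the DLP and monitoring layer described above (not Telefónica Tech's tooling and not code from the article), the script below sits between the model and the user: it scans each response for personal and financial identifiers, redacts them, keeps the findings for the SOC, and raises an alert when one user accumulates too many findings in a short run of responses. The detector patterns, the Luhn filter on card numbers, the threshold values and the sample responses are all constructed assumptions for the demo.

```python
"""Outbound DLP check on assistant responses plus a simple leak-rate alert.

Added example; not Telefónica Tech's tooling or code from the article. The
detectors, thresholds and sample responses are constructed for the demo.
"""
from __future__ import annotations

import re
from collections import defaultdict, deque
from dataclasses import dataclass


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects random digit runs (order numbers, phone numbers)
    so that only plausible payment-card numbers count as findings."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        n = int(ch)
        if i % 2 == 1:
            n = n * 2 - 9 if n > 4 else n * 2
        total += n
    return total % 10 == 0


# Order matters: IBANs are redacted first so their digit groups are not
# re-reported by the looser card pattern. Patterns are assumptions for the demo.
DETECTORS = [
    ("iban", re.compile(r"\b[A-Z]{2}\d{2}(?:\s?[A-Z0-9]{4}){3,7}\b")),
    ("card", re.compile(r"\b\d(?:[ -]?\d){12,18}\b")),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")),
]


@dataclass(frozen=True)
class Finding:
    kind: str
    value: str   # kept in the record for SOC triage; never returned to the user


def scan_response(text: str) -> tuple[str, list[Finding]]:
    """Return the redacted text and the list of what was removed."""
    findings: list[Finding] = []
    for kind, pattern in DETECTORS:
        def _redact(m: re.Match, kind: str = kind) -> str:
            raw = m.group(0)
            if kind == "card" and not luhn_ok(re.sub(r"\D", "", raw)):
                return raw          # a digit run that is not a card: leave it
            findings.append(Finding(kind, raw))
            return f"[REDACTED {kind.upper()}]"
        text = pattern.sub(_redact, text)
    return text, findings


class LeakMonitor:
    """Per-user sliding window over finding counts; the alert fires when the
    findings in the last `window` responses reach `threshold`."""

    def __init__(self, threshold: int = 3, window: int = 5):
        self.threshold = threshold
        self._history: dict[str, deque[int]] = defaultdict(lambda: deque(maxlen=window))

    def record(self, user: str, n_findings: int) -> bool:
        history = self._history[user]
        history.append(n_findings)
        return sum(history) >= self.threshold


def guard_response(user: str, response: str, monitor: LeakMonitor) -> dict:
    """What a DLP-enforcing gateway does for every model response."""
    redacted, findings = scan_response(response)
    alert = monitor.record(user, len(findings))
    return {"user": user, "redacted": redacted, "findings": findings, "alert": alert}


if __name__ == "__main__":
    monitor = LeakMonitor()
    # Constructed sample responses, as a model might produce them.
    samples = [
        ("bob", "Customer contact: jane.doe@example.com, card 4111 1111 1111 1111"),
        ("bob", "IBAN ES91 2100 0418 4502 0005 1332"),
        ("alice", "The holiday calendar is published on the intranet."),
    ]
    for who, text in samples:
        print(guard_response(who, text, monitor))
```

Redaction alone is not enough: the second response from the same user pushes the window over the threshold and the gateway flags the session, which is the "anomalous behaviour" signal the SOC acts on. In production the `findings` list goes to the audit trail, not to the caller.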

Security is not a barrier to AI. It is the condition that enables its value without taking unnecessary risks.

Conclusion

AI models are not infallible, but they can operate securely if protection measures, access controls and continuous oversight are in place.

Organisations that integrate security from the outset, track the use of their models and supervise the data being processed will be better prepared to prevent leaks, meet regulatory requirements and protect their competitive edge.
