Glossary term
Glossary term
Security
The exposure of confidential, personal, regulated, or proprietary information through AI inputs, logs, outputs, integrations, or model behavior. Controls include data minimization, filtering, access control, and monitoring across the whole flow: user inputs, prompts, vector stores, model calls, application logs, telemetry, support tickets, and generated outputs.
OWASP LLM02:2025 Sensitive Information Disclosure remains a top category in the 2025 OWASP Top 10 for LLM Applications.
Samsung's March 2023 leak of source code and meeting notes through ChatGPT is a landmark example of sensitive information disclosure through AI usage.
The OpenAI ChatGPT redis-py bug in March 2023 exposed some users' titles, first messages, and partial payment information, triggering the Italian Garante action.