Report by Harmonic Security

GenAI in the Enterprise: It’s Getting Personal

7 FINDINGSPublished Nov 13, 2025

View Original Report →

Key Findings

15% of all sensitive data uploaded to generative AI tools involves personal or employee data, including identifiers such as names and addresses.

Harmonic SecurityGenAI in the Enterprise: It’s Getting Personal ·Nov 13, 2025

Gen AISensitive dataPersonal dataEmployee dataPII

The average enterprise uploaded more than three times as much data to generative AI platforms in Q3 2025, with 4.4GB compared to 1.32GB in Q2 2025.

Harmonic SecurityGenAI in the Enterprise: It’s Getting Personal ·Nov 13, 2025

Gen AI

25% of all sensitive data disclosures involve technical data, with 65% of that consisting of proprietary source code copied into generative AI tools.

Harmonic SecurityGenAI in the Enterprise: It’s Getting Personal ·Nov 13, 2025

Gen AISensitive dataTechnical dataProprietary source code

12% of all sensitive data exposures originate from personal accounts, including free versions of generative AI tools.

Harmonic SecurityGenAI in the Enterprise: It’s Getting Personal ·Nov 13, 2025

Gen AISensitive dataPersonal Gen AI account

The average organization used 27 distinct AI tools in Q3 2025, down from 23 new tools introduced in Q2 2025.

Harmonic SecurityGenAI in the Enterprise: It’s Getting Personal ·Nov 13, 2025

Gen AIAI tools

57% of sensitive data uploaded to generative AI tools is classified as business or legal data, with 35% of that involving contract or policy drafting.

Harmonic SecurityGenAI in the Enterprise: It’s Getting Personal ·Nov 13, 2025

Gen AISensitive dataBusiness dataLegal data

26.4% of all file uploads to generative AI tools contained sensitive data between July and September 2025, an increase from 22% in Q2 2025.

Harmonic SecurityGenAI in the Enterprise: It’s Getting Personal ·Nov 13, 2025

Gen AISensitive data