The digital workplace has a serious data problem. Zscaler’s newly released 2025 Data@Risk Report exposes alarming trends that should concern every business leader and IT professional.

Based on analysis of 1.2 billion individual data exchanges from the Zscaler Zero Trust Exchange, this report is based on real-world data loss incidents that were actually blocked throughout 2024.

Four Key Findings That Demand Attention

1. AI Tools Are Leaking Sensitive Data

• 1.3 million social security numbers leaked to AI tools alone
• 4.2 million data violations across AI applications like ChatGPT and Microsoft Copilot
• Most leaked data: SSNs, source code, medical information, and full names

2. Software-as-a-Service (SaaS) Applications Present Massive Risk

• 872 million violations across more than 3,000 SaaS applications
• Top offenders: Datadog, Cisco Webex, Salesforce, Microsoft SharePoint, Google Drive
• Common leaked data: SSNs, credit card numbers, medical records

3. Email Remains a Major Problem

• 104 million transactions contained data leaks
• Most leaked: medical data, source code, SSNs, financial information
• Microsoft Exchange and Gmail both showing significant vulnerabilities

4. File-Sharing Services Show Massive Data Exposure

• 212 million transactions with data violations across file-sharing platforms
• 26.6 billion instances of source code leaked through file-sharing apps
• Popular platforms like Google Drive, OneDrive, Dropbox all affected

Geographic Impact

The United States leads globally in data loss violations, followed by India, United Kingdom, Singapore, and Brazil.

What This Means for Today’s Organizations

 Zscaler’s 2025 Data@Risk Report showcases real data exposures that could impact:

• Customer privacy and trust
• Regulatory compliance (GDPR, HIPAA, etc.)
• Intellectual property protection
• Financial security

Modern Solutions

This release emphasizes the need for unified, AI-powered data security that covers all channels, not just traditional network perimeters. Organizations need:

1. AI-powered data discovery and classification
2. Comprehensive data loss prevention (DLP)
3. Zero-Trust architecture implementation
4. Continuous monitoring across all platforms

Bottom Line

As AI adoption accelerates and cloud-first strategies dominate, traditional security approaches are failing. The data shows the truth: enterprises are inadvertently exposing massive amounts of sensitive information through everyday AI-powered business tools.

The question isn’t whether your organization is at risk, it’s how quickly you’ll adapt your security strategy to address these realities.

Read the Zscaler 2025 Data@Risk Report now. →

Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author and do not necessarily reflect the views of the National Science Foundation.

This blog post was brought to you by a student researcher at Claremont Graduate University, Center for Information Systems and Technology. Visit Claremont Graduate University Center for Information Systems and Technology to explore our comprehensive cybersecurity training programs and stay ahead of today’s evolving threats. →