AI Fuels Costly Corporate Data Breach: IBM Report
As US companies race to embed artificial intelligence (AI) into everyday work, they are discovering a hidden cost: bigger, more expensive data breaches, reported Xinhua.
The "Cost of a Data Breach 2025" report, published by IBM on Wednesday, revealed that 13 percent of the 600 organisations studied suffered breaches involving their own AI models or applications.
Crucially, basic access controls were missing in 97 percent of those cases.
The report also found that attackers are turning the technology against its creators: one in six breaches involved criminals using AI tools, primarily to craft convincing phishing emails and deepfake impersonations.
So-called "shadow AI", systems employees deploy without authorisation, proved even costlier. Twenty percent of respondents blamed their breach on unsanctioned AI, which added approximately US$670,000 to the average loss.
When "shadow AI" was present, overall breach costs rose to US$4.74 million, compared with US$4.07 million when it was absent.

Recent incidents illustrate how seemingly minor AI security oversights can spiral. In 2023, a single misconfigured Azure sharing link in a Microsoft AI research repository exposed 38 terabytes of internal files and over 30,000 Teams messages.
That same year, Samsung temporarily banned generative AI tools after engineers pasted confidential chip designs into ChatGPT, risking sensitive leaks.
Even AI providers themselves are vulnerable. A March 2023 bug in OpenAI's ChatGPT service briefly exposed some users' payment addresses and partial card details.
Addressing gaps
Despite such warnings, 87 percent of companies still lack governance policies or processes to mitigate AI risks, even though supply chain compromises already trigger nearly one-third of AI-related breaches.
To address these gaps, analysts emphasise that security starts with identity: organisations must enforce strict credential management for both staff and algorithms, rotate keys frequently, and encrypt all data used to train or prompt models.

Quarterly "AI health checks" that bring business and security leaders together can identify unauthorised projects, while automated threat-detection platforms help understaffed teams distinguish genuine threats from false alarms.
The report concludes: "Security AI and automation lower costs, while shadow AI raises them."
Organisations with mature controls reduced breach costs by nearly 40 percent.
The report noted that with the average US breach now costing US$10.22 million and regulators from Brussels to Washington drafting new rules for data-hungry algorithms, boards had a clear financial motive.
They need to treat every model, notebook and chat interface as a critical asset protected by multifactor authentication, time-limited sharing links and continuous audits before the next wave of smart machines arrives.
- Bernama