The head of America’s cyber defence agency recently illustrated a risk that millions of people take every day — sharing sensitive information with public artificial intelligence (AI) tools without really thinking about where that data ends up.
Madhu Gottumukkala, the acting director of the US cybersecurity and infrastructure security agency (CISA), uploaded government contracting documents marked 'for official use only' into the public version of ChatGPT last summer.
Media reports citing officials from the department of homeland security (DHS), say those uploads by Mr Gottumukkala triggered automated security alerts and led to an internal review.
The irony is impossible to miss. ChatGPT has been blocked across DHS networks over data protection concerns. The agency had already built its own internal AI system, DHSChat, specifically designed to ensure sensitive information never leaves federal networks. Yet a senior official sought a special exception and then used the public tool anyway.
None of the documents uploaded by Mr Gottumukkala was classified. But they are still restricted, sensitive and clearly not meant for public exposure. Once uploaded, these documents left the controlled environment of government systems and entered a commercial AI platform used by hundreds of millions of people worldwide.
That single decision points to a much bigger problem. And it is not limited to governments or big corporations. It applies just as much to everyday users who casually paste text, upload files or share personal details with AI tools.
Why Public AI Tools Are Different
Public AI platforms such as ChatGPT, Gemini or Copilot are not private notebooks. Anything you upload is sent to servers operated by the company that runs the service. Depending on its policies and settings, that data may be stored, reviewed, or used to improve future AI models.
Put simply, once your data leaves your device and enters a public AI system, you no longer control it.
You cannot easily tell how long it is retained, whether it is ever fully deleted, or whether parts of it influence future responses. With more than 700mn (million) people using ChatGPT globally, scale alone amplifies the risk. Even information that seems harmless can reveal patterns, internal processes, financial details or personal identifiers when combined with other data.
This is why companies such as Apple, Amazon, JPMorgan, Verizon and Deutsche Bank have restricted or blocked employee access to public AI tools. Samsung did the same after engineers uploaded source code into ChatGPT.
The pattern is familiar across industries: convenience wins over security — until something goes wrong.
A False Sense of Safety
One of the most common and dangerous assumptions users make while sharing information or data is that 'nothing bad will happen' because it is not confidential or classified.
That assumption does not hold anymore. Any piece of information that you share online can be used to trace other data and build your profile for various purposes.
Government labels such as 'for official use only' exist because information can be sensitive without being secret. The same logic applies to individuals. Bank statements, identity documents, tax records, medical reports, resumes, legal notices and even routine work emails may not feel secret, but they can still be misused, profiled or exploited once they slip out of your control.
AI tools also build context over time. Uploading one document today and another next week may seem trivial, but together they can paint a detailed picture of your identity, finances or professional life.
The Real Risk for Common Users
Unlike large organisations, ordinary users have no security teams watching for data leaks, no automated alerts, and no formal safeguards once information is uploaded.
A fraudster does not need your complete identity to cause damage. A phone number here, an address there, or a job detail elsewhere can be enough to enable phishing, impersonation or financial fraud.
Public AI tools are now routinely used to draft messages, summarise documents, refine applications and analyse files. Each of these uses can quietly expose personal data if users are not careful.
How You Can Protect Yourself
AI tools are not inherently unsafe. But how you use them matters. And discipline is essential.
• Do Not Upload Sensitive Documents
Avoid uploading identity proofs, bank records, contracts, confidential work materials, medical files, or legal documents to public AI platforms.
• Assume Everything You Upload Leaves Your Control
Anything that you would not post publicly or email to a stranger must remain private to you. So, do not paste such private information into an AI chat window.
• Use AI for Structure, Not Substance
You can ask the AI tool for templates, formats or seek wording suggestions. Use placeholders instead of real data and fill in the details offline. (Placeholders are temporary markers or example content used to reserve space, guide users, or indicate where final data or code should go. They are used to improve design visualisation, form usability, and development workflows by filling content gaps before actual information is available. For example, developers use placeholder text like 'Lorem ipsum' to see how designs look with content before it is written.)
• Review Privacy and Data Settings
Where available, turn off chat history and data sharing. This does not guarantee zero retention, but it does reduce exposure.
• Be Cautious with Work-related Use
Never use personal AI accounts for official or employer-related work unless explicitly permitted. Remember, organisational data is not personal property.
• Treat AI Like Any Third Party
From a privacy standpoint, an AI tool is no different from any external service. The same caution applies.
The CISA incident is not just about one official or one agency. It reflects a broader behavioural pattern — those with the greatest access to sensitive information often believe the rules are meant for everyone else.
For ordinary users, the warning is even sharper. There will be no internal inquiry, no security alert and no official review if your data leaks. The consequences usually appear later as fraud attempts, identity misuse or financial loss.
In the age of AI, privacy is no longer about secrecy. It is about control. And once that control is lost, it is extremely difficult to recover.
That is the real fraud risk hiding behind the convenience of AI tools.
Stay Alert, Stay Safe!
