Breach report
Samsung's ChatGPT leak: proprietary source code pasted into a chatbot, and a company-wide ban
What happened
In April 2023, engineers at Samsung's semiconductor division used ChatGPT as a work aid and, in doing so, pasted sensitive internal material — including proprietary source code — into the chatbot. Because ChatGPT is an external service, that data left Samsung's control the moment it was submitted.
By late April 2023 Samsung responded with a memo banning generative-AI chatbots for employees, and the incident was reported by Bloomberg on May 2, 2023. Samsung's stated concern was that data shared with services like OpenAI, Microsoft, and Google is stored on those companies' servers with no straightforward way to retrieve or delete it, and that — given default settings retain chat history for model training — sensitive information could potentially surface to other users. No external attacker was involved; the leak was a self-inflicted "shadow AI" exposure, where employees adopt a powerful external tool faster than the organization governs it.
Root cause
Confidential data was sent to an unsanctioned third party with no data-handling controls. The engineers treated a public LLM as a private scratchpad. There was no technical boundary preventing proprietary code from being pasted into an external service, and no enterprise agreement governing retention or training use. This is OWASP LLM02 Sensitive Information Disclosure (CWE-200) at the process level — the exposure was in how the tool was used, not in a software flaw.
How it would have been caught
Data-loss-prevention monitoring on outbound traffic to consumer AI endpoints — flagging source code or classified strings leaving for chat.openai.com and similar — would have surfaced the behavior. An acceptable-use policy paired with an approved, contractually governed enterprise AI option (with training opt-out and retention controls) removes the incentive to use the consumer product.
How to prevent it
- Provide a sanctioned enterprise LLM with a no-training / no-retention agreement, so employees have a safe path.
- Deploy DLP that inspects and blocks sensitive content (source code, secrets, regulated data) sent to unapproved AI services.
- Publish and train on a clear acceptable-use policy for generative AI.
- Prefer self-hosted or contractually isolated models for confidential workloads.
The Breachwire test (red → green)
From a managed endpoint, attempt to submit a marked proprietary code snippet to a consumer AI service and confirm it goes through unblocked (RED — data exfiltration path is open). Deploy the DLP rule and stand up the sanctioned enterprise option, then confirm the same submission is blocked and logged while an employee using the approved tool can still get help.