Sensitive Information Disclosure
LLM revealing PII or confidential data.
What is Sensitive Information Disclosure?
Sensitive Information Disclosure occurs when an LLM inadvertently reveals confidential data, proprietary algorithms, or other sensitive details in its responses.
This can happen because:
- Training Data Leakage: The model was trained on sensitive data (e.g., PII, secrets) and memorized it.
- Context Leakage: Sensitive data provided in the prompt (e.g., via RAG) is leaked to the user.
- Inadequate Filtering: The application fails to filter sensitive patterns (like emails or credit card numbers) from the output.
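An output filter for the "Inadequate Filtering" case, as an added example that is not part of the original page: it redacts email addresses and card numbers from a model response before it reaches the user, using a Luhn checksum so that other long digit strings are left alone. The function names, regexes and placeholder strings are assumptions chosen for illustration, and the sample response is constructed.

```python
import re

# Simplified email pattern (assumption: adequate for output filtering, not full RFC 5322).
EMAIL_RE = re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b")
# 13 to 19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_valid(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum used by payment cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:      # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def redact_output(text: str) -> tuple[str, dict[str, int]]:
    """Redact emails and Luhn-valid card numbers from LLM output; return text and hit counts."""
    counts = {"email": 0, "card": 0}

    def _card(m: re.Match) -> str:
        digits = re.sub(r"\D", "", m.group())
        if luhn_valid(digits):
            counts["card"] += 1
            return "[REDACTED_CARD]"
        return m.group()    # order IDs, timestamps, etc. stay untouched

    def _email(m: re.Match) -> str:
        counts["email"] += 1
        return "[REDACTED_EMAIL]"

    text = CARD_RE.sub(_card, text)
    text = EMAIL_RE.sub(_email, text)
    return text, counts

# Constructed sample response; 4111 1111 1111 1111 is a standard test card number.
SAMPLE = (
    "Sure! Jane's contact is jane.doe@example.com and her card is "
    "4111 1111 1111 1111. Order reference: 1234567890123456."
)

if __name__ == "__main__":
    print(redact_output(SAMPLE))
```

The hit counts are worth logging: a non-zero count means sensitive data reached the model's output, which points back to training data or context leakage upstream of the filter.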