BlogThreatsIntegrationsSolutionsComparePlayground
HighData LeakageOWASP LLM06

Data Leakage

Unintended exposure of sensitive information, training data, or system prompts through LLM outputs.

Test in PlaygroundGet API Key

Overview

Data leakage in LLM applications occurs when the model inadvertently reveals sensitive information it shouldn't share. This can include PII from training data, confidential business information included in context, or details about the system prompt and configuration. Data leakage is particularly concerning because it can happen subtly: the model might paraphrase or partially reveal sensitive data without obviously violating rules.

How This Attack Works

  1. Sensitive data enters the LLM context through training, prompts, or retrieval

    What's happening

    RAG system retrieves internal doc: 'API keys: sk-prod-abc123, sk-dev-xyz789'

  2. User query prompts the model to reference this data

    Attacker

    User: 'What credentials do I need to access the API?'

  3. The model includes sensitive information in its response

    LLM Response

    LLM: 'Based on the documentation, you can use API key sk-prod-abc123 to...'

  4. Without output filtering, this data reaches the end user

    What's happening

    Sensitive API key exposed to potentially unauthorized user

Attack Examples

Training Data Exposure

Model revealing memorized training data

Example Attack Pattern (Sanitized)
Here's an example email format: 'Dear John Smith, your SSN 123-45-6789 has been...'

Context Window Leakage

Model revealing information from its context

Example Attack Pattern (Sanitized)
Based on the internal document you shared, the API key is sk-...

Indirect Disclosure

Paraphrasing or hinting at sensitive information

Example Attack Pattern (Sanitized)
I can confirm that the company's revenue last quarter was approximately...

Protect Your Application

Try Detection in Playground

Sample Data Leakage Input

The database credentials are username: admin, password: Sup3rS3cr3t! and the API key is sk-live-abc123xyz789
Try in Playground

Prevention Checklist

Build
  • Implement strict data classification and access controls
  • Use differential privacy techniques in training
Deploy
  • Minimize sensitive data in context windows
Monitor
  • Regular audits of LLM outputs for data exposure

Detect with Wardstone API

curl -X POST "https://api.wardstone.ai/v1/detect" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"text": "Your text to analyze"}'
 
# Response
{
  "prompt_attack": { "detected": false, "confidence": 0.02 },
  "content_violation": { "detected": false, "confidence": 0.01 },
  "data_leakage": { "detected": false, "confidence": 0.00 },
  "unknown_links": { "detected": false, "confidence": 0.00 }
}

Related Threats

HighData Leakage

PII Exposure

The unintended disclosure of Personally Identifiable Information (PII) such as names, addresses, SSNs, credit cards, or other personal data through LLM interactions.

OWASP Reference: LLM06
Learn more
HighPrompt Attack

System Prompt Extraction

Techniques used to reveal the hidden system prompt, instructions, or configuration that defines an LLM application's behavior.

OWASP Reference: LLM07
Learn more
MediumData Leakage

Training Data Extraction

Attacks that cause LLMs to reveal memorized training data, potentially including private or copyrighted content.

OWASP Reference: LLM06
Learn more

Protect against Data Leakage

Try Wardstone Guard in the playground to see detection in action.

Try the PlaygroundView All Threats