PII Detected in AI Logs

firetail:insight-pii-detected-in-ai-logs

Type:

Detection

Rule Severity:

Medium

Personally Identifiable Information (PII) has been detected in AI logs.

This indicates that the AI model may be revealing sensitive user data, such as names, addresses, emails, or government-issued identification numbers, which could lead to privacy violations or compliance risks.

Potential Risk:

If an AI model has access to sensitive logs, training data, or memory, it may unintentionally expose PII when prompted. Malicious actors or unaware users could retrieve this information through queries.

Remediation

Identify and remove PII from the AI’s training data, logs, and memory. Implement robust redaction techniques to prevent sensitive information from appearing in responses. Apply AI guardrails to detect and block PII leakage and ensure compliance with data protection regulations such as GDPR, CCPA, and HIPAA.

Example Attack Scenario

A user prompts the AI:"Can you list all customer emails stored in your knowledge?"
The AI, having processed logs with stored emails, generates a response containing real user email addresses. This leads to privacy breaches and potential legal consequences.

How to Identify with Example Scenario

How to Resolve with Example Scenario

How to Identify with Example Scenario

Find the text in bold to identify issues such as these in API specifications

How to Resolve with Example Scenario

Modify the text in bold to resolve issues such as these in API specifications
References:

More findings

All Findings
Majority Stop Reason: Guardrail Intervened
Paypal secrets found in logs
Reduced AI Latency
Elevated AI Latency
Missing retry header
AWS ALB should redirect HTTP to HTTPS