Or Eshed, the CEO of LayerX, a browser-security research company emphasised the scale of the threat in the LayerX Browser Security Report for 2025
Their research found that:
-
Sensitive information is now more likely to leave an organisation through clipboard copying than through uploading files.
-
77% of employees copy sensitive info into AI tools,
-
46% copy data into personal file storage,
-
Others paste directly into chat apps, prompts, unmanaged browser accounts, etc.
This bypasses traditional security tools because data moved through the clipboard is “fileless”, so it doesn’t trigger file-based data loss protections.
Why is copy-paste so risky?
1. Clipboard data can be captured
Some browser extensions or malicious tools can:
-
Access what you copy
-
Collect credentials, personal information, or payment data
-
Monitor pasting into external or unmanaged services
2. Users copy sensitive info into unsafe locations. Employees frequently paste:
-
Work documents
-
Customer data
-
Payment data
-
Internal system information
into AI tools, chats, shared drives, and personal accounts that the company cannot secure.
3. Data bypasses security barriers
Because no file is created, traditional DLP (data loss prevention) tools don’t detect what’s leaving the system.
How does the threat happen?
1. Through the browser. LayerX found that:
-
99% of enterprise users have at least one browser extension
-
Over 50% of extensions have high or critical permissions
-
26% of them are sideloaded, meaning they were installed outside official stores
-
These extensions can access cookies, session tokens, tabs, and clipboard contents.
This gives attackers near-system-level access without needing to hack the device.
2. Through AI tools and chat apps. People paste data into ChatGPT and other AI bots, messaging apps, personal email, and cloud storage in unmanaged accounts.
Eshed explained that all of these create blind spots where the company has no visibility.
Currently, companies have shifted focus mainly to controlling file uploads and blocking suspicious downloads.
Meanwhile, clipboard-based leaks have quietly become the dominant way sensitive data escapes.
LayerX advises users to be cautious both when installing extensions and when copying anything that contains sensitive details.
