AI Coding Assistants Twice as Likely to Leak Secrets Amid 34% Rise in Overall Data Breaches

The number of sensitive data leaks via public GitHub commits surged 34% in 2025

The number of secrets leaked through public GitHub commits rose 34% in 2025, and commits co-authored by AI coding assistants were roughly twice as likely to contain a secret as commits written by humans alone, according to a recent report by GitGuardian.

Main Findings

The study, which analyzed data from 2025, found that the total number of leaked secrets reached approximately 28.65 million, up from 21 million in the previous year.

Notably, the report found that commits co-authored by AI assistants such as Claude Code were more prone to leaking secrets: 3.2% of these commits contained sensitive data, compared with 1.5% of human-authored commits.

AI-Related Secrets Leaks

The study also highlighted the growing problem of leaked secrets belonging to AI services and the infrastructure around them, with 1,275,105 such occurrences recorded in 2025.

Secrets tied to supporting infrastructure, such as orchestration tools and vector storage, were five times more likely to be leaked than those related to core services like OpenAI or Anthropic.

Exposed Secrets

Furthermore, the report found that over 24,000 secrets were exposed through publicly committed Model Context Protocol (MCP) configuration files in the first year of the protocol's adoption. These files commonly carry API keys for each configured server as plaintext environment values, so committing one to a public repository exposes every key inside it.

A significant proportion of secrets discovered in previous years were still valid in 2025: 64% of the secrets exposed in 2022 remained active, meaning the exposure was never followed by revocation or rotation.

Shai-Hulud Supply Chain Attack

The Shai-Hulud supply chain attack in late 2025 also revealed how many secrets sit on developers' machines: nearly 300,000 secret occurrences were tracked, 33,185 unique secrets were identified, and 3,760 of them were still valid at the time of analysis.

Internal Repositories

In addition to public GitHub activity, the report found that internal repositories are also exposed to secrets sprawl, with about a third of them containing hardcoded secrets.

This poses a significant risk in the event of a developer compromise, insider threat, or failure to remove these secrets when repositories are later published.

Collaboration Tools

The report also highlighted the risk of copying and pasting plaintext credentials and access keys into collaboration tools such as Slack, Jira, and Confluence, which accounted for 28% of internal incidents.

Such incidents were more likely to be rated high or critical severity than other internal incidents, with 91% falling into those two categories.

Exposed GitLab and Docker Instances

Finally, the report found that about 80,000 secrets were publicly exposed through self-hosted GitLab and Docker instances inadvertently reachable from the internet, and about 10,000 of these were still valid.

Mitigation

To mitigate these risks, organizations should keep secrets in a centralized vault rather than in code, configuration files, or chat messages, automate rotation so that a leaked credential has a short useful life, and treat any secret that has ever reached a public commit as compromised and rotate it immediately, since the report shows that exposed secrets otherwise stay valid for years.
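The leak paths described above (a commit diff, a chat message, and an MCP configuration's env block) can all be caught by the same kind of check before the secret leaves the developer's machine. The following is an added example written for this article, not code from GitGuardian or from any MCP host: a small scanner that combines known key prefixes with a Shannon-entropy rule for generic `key`/`token`/`password` assignments, run over constructed samples. The key values, the `example-vector-mcp-server` package name, and the `VECTORDB_API_KEY` variable are invented; whether a given MCP host expands a `${VAR}` reference is host-specific and is assumed here to be handled by the host or a launcher wrapper that reads the vault.

```python
import json
import math
import re
from dataclasses import dataclass

# Documented public key prefixes; illustrative, not an exhaustive catalogue.
KNOWN_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "slack_token": re.compile(r"\bxox[baprs]-[A-Za-z0-9-]{10,}\b"),
    "openai_style_key": re.compile(r"\bsk-[A-Za-z0-9_-]{20,}\b"),
}

# Generic "<name containing key|token|secret|password> : or = '<literal of 16+ chars>'".
ASSIGNMENT = re.compile(
    r"(?i)\b([a-z0-9_]*(?:key|token|secret|password)[a-z0-9_]*)['\"]?\s*[:=]\s*['\"]([^'\"]{16,})['\"]"
)

ENTROPY_THRESHOLD = 3.5  # bits per character; random tokens score well above this


@dataclass(frozen=True)
class Finding:
    source: str
    kind: str
    value: str


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character: random tokens score high, placeholders score low."""
    n = len(s)
    counts: dict[str, int] = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def is_reference(value: str) -> bool:
    """An env-var or vault reference is the desired replacement for a literal, so never flag it."""
    return value.startswith(("$", "op://", "vault://"))


def scan_text(source: str, text: str) -> list[Finding]:
    """Scan free text (a diff, a chat message) for known key formats and high-entropy assignments."""
    found = [Finding(source, kind, m.group(0))
             for kind, pat in KNOWN_PATTERNS.items() for m in pat.finditer(text)]
    seen = {f.value for f in found}
    for m in ASSIGNMENT.finditer(text):
        name, value = m.group(1), m.group(2)
        if value in seen or is_reference(value):
            continue
        if shannon_entropy(value) >= ENTROPY_THRESHOLD:
            found.append(Finding(source, f"high_entropy:{name}", value))
    return found


def scan_mcp_config(source: str, config_json: str) -> list[Finding]:
    """MCP host configs carry a per-server "env" map; a literal value there is a hardcoded secret."""
    found = []
    for server, spec in json.loads(config_json).get("mcpServers", {}).items():
        for name, value in spec.get("env", {}).items():
            if is_reference(value):
                continue
            if (any(p.search(value) for p in KNOWN_PATTERNS.values())
                    or shannon_entropy(value) >= ENTROPY_THRESHOLD):
                found.append(Finding(source, f"mcp_env:{server}.{name}", value))
    return found


# Constructed samples (not real credentials): a commit diff, a chat message, and two MCP configs.
DIFF = ('+AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n'
        '+api_key = "sk-proj-abc123DEF456ghi789JKL012mno345"\n')
SLACK = "here's the staging db creds: password: 'Tr0ub4dor&3-xK9v#pLm2Qw' thanks"
MCP_WEAK = """{"mcpServers": {"vectordb": {"command": "npx",
  "args": ["-y", "example-vector-mcp-server"],
  "env": {"VECTORDB_API_KEY": "vdb_9fQ2xL7pK3mN8rT4wB6yH1cV5zA0sD"}}}}"""
# Hardened form: the config names the variable; the host or a launcher wrapper fills it from the vault.
MCP_HARDENED = """{"mcpServers": {"vectordb": {"command": "npx",
  "args": ["-y", "example-vector-mcp-server"],
  "env": {"VECTORDB_API_KEY": "${VECTORDB_API_KEY}"}}}}"""


def scan_all() -> dict[str, list[str]]:
    """Run every sample and return the finding kinds per source (empty list means clean)."""
    results = {
        "commit.diff": scan_text("commit.diff", DIFF),
        "slack-message": scan_text("slack-message", SLACK),
        "mcp-weak.json": scan_mcp_config("mcp-weak.json", MCP_WEAK),
        "mcp-hardened.json": scan_mcp_config("mcp-hardened.json", MCP_HARDENED),
    }
    return {src: [f.kind for f in fs] for src, fs in results.items()}


if __name__ == "__main__":
    for src, kinds in scan_all().items():
        print(f"{src}: {kinds or 'clean'}")
```

The entropy rule deliberately ignores low-entropy literals such as `changeme_changeme_changeme`, so placeholders in templates do not drown real findings; conversely, a credential a developer pastes into a chat message is caught by the same rule as one committed in a diff. Wired into a pre-commit hook or a bot on the chat platform, this is the check that turns "64% still valid three years later" into a rotation ticket on the day of the leak.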
