AI Financial Advice Adoption Soars Amid Critical Data Privacy Warnings
A sharp rise in American reliance on AI for financial tasks coincides with alarming risks regarding data harvesting, indirect prompt injections, and the potential for models to store personal information for training.
A significant surge in the adoption of artificial intelligence for financial management has brought urgent concerns regarding data privacy and security to the forefront. According to a survey conducted by TD Bank in March 2026, 55 per cent of Americans now utilise AI to help manage their finances, a stark increase from just 10 per cent the previous year.
Despite the growing popularity of these tools, security researchers warn that a substantial portion of users continue to input highly sensitive personal data into large language models. A 2024 survey by Cisco revealed that up to 29 per cent of AI users share account numbers and other financial information, even though the majority acknowledge the risks involved.
The potential consequences of this behaviour extend beyond simple data leakage. Research conducted by Stanford University in 2025 suggests that sensitive information shared with major US large language models may be collected and used for training purposes. Lead author Jennifer King noted that almost no research has been conducted to examine the privacy practices of these emerging tools, leaving users vulnerable to data harvesting.
Cybercriminals are also exploiting vulnerabilities through a technique known as indirect prompt injection. Security firm Norton explains that malicious actors can hide prompts within web pages, documents, or emails to trick an AI into revealing passwords or bypassing safety filters. Once compromised, stolen data can be used to open fraudulent accounts or sold on the dark web.
Further risks include the exposure of complete chat histories. NordPass has warned that malicious actors could potentially view all conversations, including any sensitive data shared with the AI tool. Additionally, inputting creative works or scripts into these models could result in content replication, stripping users of ownership rights and exposing them to legal and financial risks.
Experts consistently advise against sharing real names, addresses, phone numbers, Social Security numbers, and specific dollar amounts with AI tools. To mitigate these risks, users are urged to enable privacy settings where available, utilise made-up data for queries, clear chat histories, and verify the legitimacy of the website they are accessing.
