AI Insider Threat: Claude Cowork's Data Exfiltration Risk

Your AI agent could become your biggest insider threat. While many focus on external bad actors, a breach could also come from an insider guiding an AI tool. Here's the thing: DTEX researchers found that a common workflow in Anthropic’s Claude Cowork, used in corporate environments, offers convenience but also grants near-total system access. Claude Cowork includes tools like Dispatch, which relays commands from a user’s phone to their desktop Claude agent. There’s also a plugin for Salesforce AI agents that can access and transfer data. DTEX tested scenarios where Claude summarized Salesforce information into an Outlook email and archived and transferred files. In both cases, simple prompts led to data exfiltration in just 10 to 30 minutes. The speed of these AI tools, combined with direct network access, creates a significant insider threat. This matters because organizations must now monitor for both malicious actors and potential mistakes from legitimate employees using these powerful AI tools.