NHI proliferation and LLMjacking are reshaping identity governance

At a glance

What this is: This is a year-end analysis of NHI growth, compliance pressure, and AI-driven identity risk, with LLMjacking emerging as a new abuse pattern.

Why it matters: It matters because IAM, IGA, PAM, and security teams now have to govern machine identities at a scale and speed that legacy human-centric access processes were never designed to handle.

By the numbers:

• NHIs have exploded in numbers, now outpacing human identities by 20 to 40 times.

👉 Read Oasis Security's reflection on NHI growth, compliance pressure, and LLMjacking risk

Context

Non-human identity sprawl is now a governance problem, not just an inventory problem. Service accounts, tokens, and API keys are multiplying faster than human identities, which means the real failure mode is no longer only discovery. It is whether organisations can assign ownership, enforce least privilege, and prove control at machine scale.

Oasis Security frames that shift through three pressures: regulated-industry compliance, AI-driven identity abuse, and the need for stronger operational ownership. The article is best read as a signal that NHI programmes are moving from reactive hygiene to board-relevant governance. That is the typical direction of travel for mature identity teams, but many enterprises are still behind it.

Key questions

Q: How should security teams govern non-human identities at enterprise scale?

A: Security teams should govern NHIs by linking each identity to an owner, a business purpose, and a lifecycle state. Discovery is only the starting point. The real control comes from enforcing least privilege, monitoring high-risk access, and revoking dormant or orphaned credentials quickly when the identity no longer has a valid use.

Q: Why do machine identities create more risk than human accounts in many environments?

A: Machine identities often outnumber human users by a wide margin, change faster, and are less visible to traditional governance processes. They also carry long-lived access in code, pipelines, and integrations. That combination increases the chance of over-privilege, stale ownership, and hidden abuse paths.

Q: What do security teams get wrong about AI access risk?

A: Many teams focus on the model while ignoring the identity path that reaches it. If a service account or token can invoke AI infrastructure, then that credential becomes the real control point. The mistake is treating AI risk as a model problem instead of an access governance problem.

Q: How can regulated industries prove NHI governance is actually working?

A: They should be able to show who owns each privileged machine identity, why it exists, what it can access, and when it will be removed. Audit evidence should also demonstrate that least privilege, login restrictions, and revocation processes are operating consistently, not just documented on paper.

Technical breakdown

NHI sprawl changes the control problem

Non-human identities are not just more numerous than human accounts, they are also harder to classify, own, and retire. A service account or API key can be embedded in application logic, infrastructure pipelines, or third-party integrations, which makes lifecycle control different from human IAM. Discovery alone does not solve the problem because inventory without ownership still leaves privilege, rotation, and offboarding gaps. The governance challenge is to connect each machine identity to a business purpose, a responsible owner, and an explicit expiry model.

Practical implication: build NHI ownership mapping before you try to standardise rotation or access review.

LLMjacking turns machine identity into an access commodity

LLMjacking is the abuse of machine identities that can reach large language model environments, where attackers can exploit that access directly or resell it to others. The core issue is not the model itself but the identity path that grants entry to it. Once a token or service account can invoke AI infrastructure, the access becomes a reusable control plane for abuse. That makes machine identity protection part of AI risk management, not a separate hygiene task.

Practical implication: treat model-access credentials as high-value NHI assets and place them under stronger monitoring than ordinary application secrets.

PCI DSS 4.0 forces NHI governance into audit language

The article points to PCI DSS 4.0 as a pressure point for regulated industries because auditors are increasingly asking how privileged system and application accounts are controlled. That matters because NHI governance is often weakly documented, even where operational controls exist. If least privilege, interactive-login restrictions, and account ownership cannot be demonstrated, the organisation may have a control problem even if the environment appears stable. Compliance is therefore becoming a forcing function for machine-identity maturity, not just a box-ticking exercise.

Practical implication: align NHI controls to audit evidence now, especially around privileged accounts and account purpose documentation.

Breaches seen in the wild

• Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
• DeepSeek breach — DeepSeek breach exposed 1M+ log lines and sensitive secret keys.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.

NHI Mgmt Group analysis

Machine identity sprawl is now the primary scaling failure in identity governance. The article’s 20 to 40 times ratio is not just a volume statistic, it describes a structural mismatch between the pace of machine identity creation and the cadence of human-led governance. When NHIs multiply faster than teams can assign ownership, the control surface becomes opaque. The practitioner conclusion is simple: governance programmes that still assume small, manually managed inventories are already mis-sized for the environment they now face.

LLMjacking is an identity abuse pattern, not merely an AI security concern. The abuse path begins with machine identities that can reach model endpoints and ends with access being used or sold as a commodity. That means AI risk is being mediated through the same identity primitives that already govern service accounts and API keys. Practitioners should read this as a sign that AI access controls and NHI controls are converging operationally, even if teams still report on them separately.

Compliance is becoming the language that forces NHI ownership into view. PCI DSS 4.0 matters here because regulated sectors cannot afford ambiguous account purpose, privileged access drift, or undocumented login pathways. The underlying governance gap is not the absence of policy text, it is the absence of evidence that machine identities are actually controlled. The implication is that NHI programmes will increasingly be judged on auditable ownership and lifecycle proof, not on intent.

Policy-driven NHI management is emerging as the right abstraction for scale. The article’s four-engine model points to a broader market shift toward discovery, context reconstruction, ownership discovery, and policy orchestration as a single control loop. That is a useful framing because NHI risk is rarely solved by one control in isolation. Practitioners should expect identity programmes to move toward policy-backed machine identity governance rather than ad hoc secret handling.

Blind spots around elevated access will remain the fastest way machine identities get exploited. Elevated privileges, long-lived tokens, and unmanaged API keys create the kind of access paths attackers favour because they bypass human review cycles. The field-level lesson is that NHI governance has to be built around provable privilege boundaries, not just secret storage. Teams that cannot explain why an NHI exists and what it can reach will continue to carry avoidable exposure.

From our research:

• NHIs outnumber human identities by 25x to 50x in modern enterprises, according to the Ultimate Guide to NHIs.
• Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
• The Ultimate Guide to NHIs is the right starting point if you need the governance and lifecycle baseline behind these numbers.

What this signals

Identity teams should expect NHI governance to shift from inventory management to lifecycle enforcement. Once machine identities outnumber human ones by 25x to 50x, manual review alone cannot keep pace with the environment. The programme signal is clear: ownership, revocation, and privilege proof need to become repeatable control outcomes, not periodic clean-up work.

LLMjacking shows that AI access is becoming an NHI risk surface in its own right. When credentials can reach model endpoints, the identity layer becomes the path of abuse. Teams should therefore review which secrets, tokens, and service accounts can invoke AI systems and whether those paths sit inside the same governance model as other privileged machine identities.

Policy orchestration will matter more than standalone secret handling. Discovery and rotation still matter, but the next maturity step is connecting them to context, ownership, and approval logic. The strongest programmes will use machine identity policy as a control loop, not a back-office inventory exercise.

For practitioners

• Map every high-value machine identity to an owner and purpose Require a named business or technical owner for every service account, token, and API key that touches sensitive systems. Without that mapping, rotation and access review become administrative theatre rather than control.
• Classify AI-access credentials as privileged NHI assets Separate credentials that can reach LLMs, agents, or AI pipelines from ordinary application secrets. Put those identities into stricter monitoring, tighter entitlements, and faster revocation paths because they can be abused or resold as access commodities.
• Align privileged account governance to PCI DSS evidence needs Document least-privilege decisions, interactive-login restrictions, and account purpose for system and application accounts before audit season. If you cannot produce evidence quickly, the control is not operationalised.
• Use discovery to feed lifecycle controls, not just inventory Connect NHI discovery outputs to ownership assignment, attestation, and retirement workflows. Discovery without follow-through usually creates more visibility than control.

Key takeaways

• Non-human identity sprawl is now a governance scaling problem, not just an operational inconvenience.
• AI access risk increasingly flows through the identity layer, which makes machine credentials a primary control point.
• Regulated industries should be able to prove ownership, purpose, and revocation for every privileged NHI.

Key terms

• Non-Human Identity: A non-human identity is any digital credential used by software, infrastructure, or automated processes rather than a person. In practice, this includes service accounts, API keys, tokens, and certificates that can authenticate, access data, and trigger actions across systems.
• Machine Identity Ownership: Machine identity ownership is the assignment of a responsible person or team to each non-human identity. It is the governance control that turns a credential from an anonymous asset into something that can be reviewed, rotated, and retired on a known schedule.
• LLMjacking: LLMjacking is the abuse of machine identities that can reach large language model environments. The attacker uses that access directly or monetises it by reselling valid credentials, which makes the credential path itself the core security problem rather than the model alone.
• Policy-Driven NHI Governance: Policy-driven NHI governance uses rules, context, and ownership data to control machine identities at scale. Instead of relying only on inventory and manual review, it links discovery to entitlements, rotation, attestation, and revocation as one operational loop.

Deepen your knowledge

NHI lifecycle governance and privileged machine identity control are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building an NHI programme that must satisfy both security and audit expectations, it is worth exploring.

This post draws on content published by Oasis Security: Reflecting on our journey at Oasis and looking ahead. Read the original.