TL;DR: Around 100,000 ChatGPT conversations were surfaced through Google indexing after users created share links, exposing a privacy failure that can reveal medical, personal, and business information, according to Swarmnetics. The incident shows that LLM governance now has to cover discoverability, not just model access and data entry.
NHIMG editorial — based on content published by Swarmnetics: Search Engines Picking Up ChatGPT Conversations is the Latest Privacy Surprise for LLM Users
Questions worth separating out
Q: How should organisations govern shared AI conversations that can be indexed by search engines?
A: Treat shared AI conversations like published content, not private drafts.
Q: Why do LLM sharing features create privacy risk even when the model itself is not breached?
A: Because the exposure path comes from publication, not compromise.
Q: What do security teams get wrong about AI access risk?
A: Many teams focus on the model while ignoring the identity path that reaches it.
Practitioner guidance
- Disable public indexing for shared AI conversations Review whether shared conversation links can be discovered by search engines and turn off indexing where the platform allows it.
- Classify LLM outputs before users can share them Apply data handling rules to prompts and responses that include regulated, confidential, or contractual information.
- Bring shadow AI into IAM and DLP oversight Inventory which identities, devices, and endpoints are using public AI tools and whether those sessions sit inside managed controls.
What's in the full analysis
Swarmnetics' full analysis covers the operational detail this post intentionally leaves for the source:
- The mechanics of how ChatGPT share links became discoverable through search indexing.
- The user-behaviour and platform-design conditions that made the exposure possible.
- The specific examples of sensitive content found in the indexed conversations.
- The follow-on de-indexing and product changes discussed by the source publisher.
👉 Read Swarmnetics' analysis of indexed ChatGPT conversations and privacy exposure →
ChatGPT shared chats in search results: what does this mean for governance?
Explore further
Search-indexable sharing is now a privacy control, not a convenience feature. This incident shows that LLM platforms can convert a user action into public discoverability unless indexing controls are explicit and well understood. That shifts the governance problem from content creation alone to content publication, which sits at the intersection of privacy, platform design, and user education. Practitioners should treat share-link behaviour as a policy decision, not a user preference.
A few things that frame the scale:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: Who is accountable when employees use private AI for work tasks?
A: Accountability usually sits with the organisation that sets policy, the manager who approves the workflow, and the teams that control endpoint and identity settings. If no one defines approved use, the result is shadow AI with weak traceability. The right answer is explicit ownership, not assumed privacy.
👉 Read our full editorial: Search-indexed ChatGPT shares expose the privacy gap in LLM use