Zoho AI agent leak concerns have intensified after Zoho founder Sridhar Vembu revealed a shocking incident involving an autonomous AI system. During a routine acquisition pitch, a browser-based AI agent accidentally revealed sensitive financial information that was never meant to be shared externally. The unexpected “sorry note” from the AI system that followed raised even deeper questions about the growing risks behind autonomous, agentic AI.
AI Agent Leak Exposes Sensitive Details
The episode started when Vembu received an email from a startup founder pitching an acquisition to Zoho. However, the email also included highly confidential information about another company that was reportedly interested in acquiring the same startup. Even more concerning, the exact acquisition price was disclosed as well. Instead of a simple introduction, the pitch turned into an unintended corporate leak.
Shortly after, the situation escalated further. The founder’s automated browser AI agent sent a second email apologizing for its mistake. The message, as Vembu explained, stated that it was “sorry for disclosing confidential information about other discussions.” This unexpected correction shocked Vembu and immediately sparked a discussion about the lack of judgment in next-generation AI systems.
Growing Risks of Agentic AI
According to Vembu, the incident reflects a serious flaw in the design of autonomous AI tools. Although major tech companies are aggressively promoting Agentic AI as the future—systems that can act independently, make decisions, draft emails, and interact with users—the recent leak shows how easily such systems can mishandle sensitive data.
Moreover, Vembu emphasized that these AI systems must be introduced with strong guardrails. Without them, enterprises risk exposing financial information, internal strategies, or confidential negotiations. While AI continues to advance rapidly, it still lacks the discernment required for high-stakes corporate communication.
Why Arattai Is Staying Clear of AI Agents
Zoho’s own messaging platform, Arattai, is designed with privacy and national data security in mind. Unlike other messaging services integrating AI into user experiences, Arattai remains free from AI agents for now. Vembu has repeatedly stated that security must come before convenience. As a result, Arattai continues to rely on Zoho’s in-house infrastructure and recently strengthened privacy with end-to-end encryption for text messaging.
Through this latest incident, Vembu reinforces a critical message: while AI evolves at lightning speed, organizations must proceed with caution. Responsible development, human oversight, and strong privacy measures are essential to prevent severe misuse or accidental disclosure.
