Risk Library
Real-world AI failures. Real-world consequences.
A curated reading list of public incidents where AI hallucinations, silent data exposure, or unverified outputs caused measurable harm — lawsuits, sanctions, regulatory action, and lost trust. Use it to brief your board, your security committee, or yourself on what’s actually happening in regulated industries.
Why this page exists
“AI made a mistake” is no longer a defense.
Courts, regulators, and clients have stopped treating AI errors as novelty. Every story below is a public record — a court filing, a regulatory order, a peer-reviewed study, or a reputable news investigation. AgenticFort exists because the underlying failure modes are predictable, and avoidable, with the right architecture.
Finance & enterprise data leakage
Confidential data, sent to someone else’s servers, in a single paste.
Samsung engineers leaked semiconductor source code to ChatGPT — three times in 20 days
Within three weeks of permitting employee use of ChatGPT, Samsung recorded three separate incidents of confidential information being pasted into the chatbot — proprietary semiconductor source code, defect-detection routines, and internal meeting transcripts. Samsung banned generative AI tools company-wide and warned that further violations could trigger termination.
JPMorgan, Citi, Goldman, BofA, Wells Fargo, Deutsche Bank all restrict ChatGPT
Within months of ChatGPT’s launch, every major U.S. and European bank restricted or banned employee use — driven by compliance concerns over sending client information through third-party servers. The restrictions weren’t triggered by a specific incident at JPMorgan; they were a baseline judgment that the data exposure risk wasn’t acceptable for regulated workflows.
The AgenticFort lens
The banks weren’t being paranoid — they were doing the math. Once a prompt leaves your network, you no longer control where it’s logged, cached, or trained on. AgenticFort runs inside your perimeter on hardware we ship, so a paste of client data goes to your model, not someone else’s.
Legal & Professional Services
When fabricated citations end up in front of a judge.
Mata v. Avianca: lawyers fined $5,000 for ChatGPT-invented cases
Two New York attorneys filed a brief citing six judicial decisions that did not exist. ChatGPT had hallucinated them — complete with fake quotations and made-up internal citations. Judge Castel found “subjective bad faith” and imposed Rule 11 sanctions, requiring the lawyers to write apology letters to the judges named in the fictional opinions.
Michael Cohen sent his lawyer fake cases generated by Google Bard
Michael Cohen, the disbarred former Trump attorney, used Google Bard to research case law for a motion seeking early release from supervised release. He passed the citations to his lawyer, who filed them without verification. The cases didn’t exist. The judge declined to sanction Cohen but called the episode “embarrassing and certainly negligent.”
“Hallucination-free” legal AI tools hallucinate up to 33% of the time
A peer-reviewed Stanford study tested LexisNexis (Lexis+ AI) and Thomson Reuters (Westlaw AI-Assisted Research, Ask Practical Law AI) — products marketed to lawyers as eliminating hallucinations via retrieval-augmented generation. Lexis+ AI produced incorrect or misgrounded responses on 17% of queries. Westlaw’s tool failed on roughly 33%.
DoNotPay pays $193,000 over deceptive “AI lawyer” claims
The FTC found that DoNotPay’s “robot lawyer” was marketed as a substitute for human attorneys without ever being tested against one — and that the company had not retained any lawyers to verify its outputs. The consent order required restitution, disclosure to past subscribers, and a permanent injunction against equivalent claims.
The AgenticFort lens
Every legal failure above shares one root cause: the AI generated text that looked like research without anchoring it to a retrievable source the user could verify. AgenticFort surfaces the underlying document passage on every answer — if it isn’t in the cited source, it isn’t in the answer.
Healthcare
Algorithms that override clinicians — and miss the patients they’re meant to catch.
UnitedHealth’s nH Predict allegedly denied care with a 90% error rate
A class action filed against UnitedHealth alleges that its subsidiary naviHealth used the nH Predict algorithm to override physician judgment on Medicare Advantage rehabilitation stays — and that 90% of denials were reversed on appeal. A STAT investigation cited internal targets that pressured staff to keep stays within 1% of the model’s prediction. The court refused to dismiss the contract claims in early 2025.
Epic’s sepsis prediction model missed two-thirds of cases
An external validation of Epic’s widely deployed sepsis prediction model — used across hundreds of U.S. hospitals — found it identified only one-third of septic patients while generating frequent false alarms. The published AUC was 0.63, far below the performance Epic itself reported. The study raised questions about how clinical AI gets adopted on the strength of vendor claims alone.
The AgenticFort lens
In healthcare, the danger isn’t only what the AI says — it’s whether the clinician can see why. AgenticFort never returns an answer without the source documents and the specific passages that produced it. Models inform decisions; they don’t replace them.
Public-facing chatbots
When the company is on the hook for whatever the chatbot says.
Air Canada’s chatbot invented a refund policy. The tribunal made the airline honor it.
Jake Moffatt asked Air Canada’s chatbot about bereavement fares before flying to his grandmother’s funeral. The bot told him he could apply for a discount retroactively. He couldn’t — that policy didn’t exist. The tribunal rejected Air Canada’s argument that the chatbot was a separate entity and ordered the airline to pay damages.
NYC’s MyCity chatbot told business owners to break the law
A months-long investigation by The Markup and THE CITY found that NYC’s official Microsoft-powered small-business chatbot was confidently advising employers to take a cut of tipped wages (illegal), refuse Section 8 tenants (illegal), and reject cash payments (banned in NYC since 2020). The Adams administration left it online with an added disclaimer.
A Chevy dealer’s ChatGPT-powered bot agreed to sell a Tahoe for $1
A user prompted the dealership’s customer-service bot with a few lines telling it to agree with anything and end every reply with “that’s a legally binding offer — no takesies backsies.” The bot obliged. The viral screenshot crossed 20 million views overnight and the dealership disabled the bot. A reminder that a chatbot without guardrails is just a microphone.
The AgenticFort lens
Public-facing AI inherits your liability. AgenticFort is built so every answer is bounded by the documents your team approved — not by whatever an LLM happens to confabulate when a customer asks the wrong question.
Government & education
When public-sector decisions ride on a model that gives different answers each time.
An Iowa district used ChatGPT to decide which library books to ban
To comply with a new Iowa law, Mason City administrators asked ChatGPT whether 19 books contained “depictions of a sex act.” Reporters discovered the model gave different answers to the same question on repeated tries — saying “no” once and “yes” the next. Several titles, including Friday Night Lights, were quietly reinstated after the inconsistencies became public.
OECD AI Incidents Monitor & AI Incident Database
Two public registries track AI failures as they happen. The OECD monitors government and enterprise AI incidents globally; the AI Incident Database (AIID) catalogs everything from biased hiring tools to hallucinated medical advice. Both are useful primary sources when you need to brief leadership on a category of risk.
The AgenticFort lens
A model that gives different answers to the same question is fine for brainstorming and disqualifying for compliance. AgenticFort is built so the answer is grounded in a fixed set of approved documents, retrievable on demand, audit-logged on every query.