Over Half of Enterprises Report AI Agent Security Incidents, Most Share Credentials Across Bots

iconCryptoBriefing
Share
AI summary iconSummary
A June 2026 survey by VentureBeat found 54% of 107 enterprises with over 100 employees reported AI + crypto news security incidents or near-misses. Of these, 18% confirmed breaches, while 36% reported near-misses. Sixty-nine percent use shared credentials for AI agents, with only 32% assigning unique identities. Larger firms face higher risks—63% of enterprises with over 1,000 employees reported incidents. A Gravitee survey showed similar results, with 54% of executives experiencing or suspecting security breach incidents in the past year. Cybersecurity firms like Palo Alto Networks and Cisco have made major acquisitions to improve identity management.

The VentureBeat June 2026 Pulse Research survey, which polled 107 qualified enterprises with more than 100 employees, found that 54% have already experienced an AI agent security incident or near-incident. Of those, 18% confirmed an actual incident, while 36% reported a near-miss.

The credentials problem is worse than you think

A full 69% of enterprises admitted to operating AI agents using shared credentials. Only 32% provide each agent with its own scoped identity. In English: most companies are handing their AI bots the same username and password, which means if one agent gets compromised, attackers potentially get the keys to everything that credential touches.

Advertisement

Isolation controls aren’t much better. Only 30% of enterprises sandbox their high-risk AI agents. A third of respondents said their security budget allocation specifically for agent security sits at 5% or less.

Bigger companies, bigger problems

Incident rates climb as organizations get larger: 49% of firms with 101 to 1,000 employees reported incidents or near-misses, but that number jumps to 63% for enterprises with over 1,000 employees.

A separate survey from API management company Gravitee found that 54% of executives experienced or suspected an AI agent security incident in the last year, with 34.9% confirming such incidents.

The security industry is already responding with its wallet

Palo Alto Networks completed a $21.1 billion acquisition of CyberArk, while Cisco closed a $400 million deal for Astrix. Both transactions target improvements in identity management.

What this means for investors

The current 5%-or-less allocation to agent security is unsustainable given 54% incident rates. On the risk side, any enterprise deploying AI agents without proper identity scoping and sandboxing is carrying material operational risk that may not be reflected in its valuation.

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.