Don’t tell your AI chatbot these 5 things to keep your money safe

AI chatbots like ChatGPT, Google Gemini, and Microsoft Copilot are now part of everyday life for millions of people. They help with writing, planning, and even financial questions. But as these tools become more popular, security researchers and consumer advocates are warning about a less obvious risk: the information you type into a chatbot can be stored, analyzed, and potentially accessed by others.

A recent column in The Washington Post highlighted five specific categories of sensitive data you should never share with an AI chatbot. Separately, a BBC investigation demonstrated how easily a researcher could extract personal information from ChatGPT and Google’s AI in under 20 minutes. The National Council on Aging also lists AI-assisted fraud as a growing threat, especially for older adults.

Here’s what happened, why it matters, and what you can do to protect yourself.

What happened

In April 2026, the Washington Post published a column explicitly advising readers not to tell their AI chatbot five things to protect their finances. The column drew on privacy research and real-world scam examples. Around the same time, BBC News published an article showing a security researcher manipulating chatbot prompts to retrieve other users’ chat histories — including sensitive financial data that had been shared casually. Google’s own privacy guidelines note that conversations with Gemini may be reviewed by human trainers and retained for up to several years, even if you delete your account.

Why it matters

The core problem is that AI chatbots are not private vaults. Most services store your conversations to improve their models. Some allow human reviewers to read transcripts. Even if a company promises encryption, the chat logs exist on their servers. And as the BBC hack demonstrated, malicious actors can sometimes trick the chatbot into exposing that stored data.

If you share your bank account number while asking a chatbot to help you track spending, that information could end up in a data breach or be extracted by a third party. Scammers have already begun using stolen chatbot logs to impersonate victims, answer security questions, and drain accounts. The risk is not theoretical — it’s happening now.

What readers can do: 5 things never to share

The good news is that you can continue using AI chatbots for most tasks as long as you stay aware of what not to share. Here are the five categories, with specific risks explained.

1. Social Security numbers and tax IDs

Your Social Security number is the key to your financial identity. Scammers can use it to open credit accounts, file fraudulent tax returns, or commit synthetic fraud (combining a real SSN with a fake name). Even if you trust the chatbot provider, a server breach could expose your number. Never type your SSN or taxpayer ID into any chatbot, even if you’re asking for advice about Social Security or taxes.

2. Bank account and credit card numbers

Typing your full account number or credit card digits into a chatbot is like writing them on a postcard. In the BBC demonstration, the researcher was able to retrieve credit card numbers that other users had entered days earlier. While most chatbots don’t intentionally store payment info, the risk of prompt extraction remains. If you need budgeting help, use generic figures — “about $500 for groceries” instead of your actual account balance and account number.

3. Answers to security questions

“What is your mother’s maiden name?” “What was the name of your first pet?” “What street did you grow up on?” These are common security questions for bank accounts and email recovery. If you tell a chatbot your answers, anyone who gains access to your chat history can use them to reset your passwords. Treat security question answers like passwords: don’t share them anywhere online, including with chatbots.

4. Photos of IDs or official documents

Uploading a picture of your passport, driver’s license, or birth certificate to a chatbot is extremely risky. Even if the chatbot is advertised as “privacy-focused,” the image is stored on company servers. Document forgery and account takeover are real concerns. A scammer with a clear photo of your ID can create convincing fakes or use the information to impersonate you to banks and government agencies. If you need help reading a document, describe the text instead of uploading the image.

5. Passwords, PINs, and two-factor authentication codes

This may seem obvious, but people do it — especially when they’re frustrated with account recovery. “I can’t log in, and the code sent to my phone is 8492.” Once you type a password or 2FA code into a chatbot, it’s no longer secret. That one-time code becomes a long-term liability if the chat log is ever accessed. Store passwords only in a password manager, and never paste them into a conversational AI.

What you can safely ask

None of this means you should stop using AI chatbots. They can be helpful for general financial education, budgeting tips, or explaining investment concepts — as long as you keep the details generic. Ask “How do I calculate compound interest?” not “What’s the maturity date on my $50,000 CD at Chase?”

If you need personalized financial advice, use a dedicated, encrypted financial app or speak with a human advisor. Treat chatbots like public bulletin boards: anything you say could be read by someone else, even if that someone is a scammer three years from now.

Sources

  • Washington Post: “Don’t tell your AI chatbot these 5 things to keep your money safe” (April 2026)
  • BBC News: “I hacked ChatGPT and Google’s AI - and it only took 20 minutes” (February 2026)
  • National Council on Aging: “Top 5 Financial Scams Targeting Older Adults” (March 2026)
  • Google Gemini Privacy Notice (accessed April 2026)