---
title: Data exfiltration successful
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > Datadog Security > OOTB Rules > Data exfiltration successful
---

# Data exfiltration successful
Tactic: [TA0010-exfiltration](https://attack.mitre.org/tactics/TA0010) Technique: [T1567-exfiltration-over-web-service](https://attack.mitre.org/techniques/T1567)
### Goal{% #goal %}

Detect successful data exfiltration from AI-enabled services. This detection identifies when an attacker has successfully manipulated an LLM to leak sensitive information, including PII, credentials, or other confidential data.

### Strategy{% #strategy %}

Monitor application security events for successful (unblocked) data exfiltration using `@ai_guard.attack_categories:data-exfiltration` and `-@ai_guard.blocked:true`. Integration with Sensitive Data Scanner (`@ai_guard.sds.categories`) enables precise classification of the leaked data type.

Signal severity is determined as follows:

- `CRITICAL` Data exfiltration was not blocked and included PII or credentials (`@ai_guard.sds.categories:(pii OR credentials)`). This represents a confirmed data breach with potential regulatory implications.
- `HIGH` Data exfiltration was not blocked, either containing other sensitive data categories or unclassified data. This represents a security incident requiring investigation.
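The query and severity logic above, run over a few constructed AI Guard events, as an added example (not Datadog's rule engine or any Datadog code). It assumes the event fields arrive as a dict with `attack_categories` and `sds.categories` as lists and `blocked` as a boolean.

```python
from typing import Optional

# Added illustration of the rule's logic; field shapes below are assumptions,
# not a description of Datadog's internal event schema.

def evaluate(event: dict) -> Optional[str]:
    """Return 'CRITICAL', 'HIGH', or None (no signal) for one event."""
    ai_guard = event.get("ai_guard", {})
    # @ai_guard.attack_categories:data-exfiltration
    if "data-exfiltration" not in ai_guard.get("attack_categories", []):
        return None
    # -@ai_guard.blocked:true -> requests AI Guard blocked never raise a signal
    if ai_guard.get("blocked") is True:
        return None
    # @ai_guard.sds.categories:(pii OR credentials) -> CRITICAL
    sds_categories = set(ai_guard.get("sds", {}).get("categories", []))
    if sds_categories & {"pii", "credentials"}:
        return "CRITICAL"
    # Other sensitive categories, or no SDS classification at all -> HIGH
    return "HIGH"


# Constructed sample events (not real traffic).
SAMPLE_EVENTS = [
    {"id": "evt-1", "ai_guard": {"attack_categories": ["data-exfiltration"],
                                "blocked": False, "sds": {"categories": ["pii"]}}},
    {"id": "evt-2", "ai_guard": {"attack_categories": ["data-exfiltration"],
                                "blocked": False,
                                "sds": {"categories": ["financial", "credentials"]}}},
    {"id": "evt-3", "ai_guard": {"attack_categories": ["data-exfiltration"],
                                "blocked": False, "sds": {"categories": []}}},
    {"id": "evt-4", "ai_guard": {"attack_categories": ["data-exfiltration"],
                                "blocked": True, "sds": {"categories": ["pii"]}}},
    {"id": "evt-5", "ai_guard": {"attack_categories": ["prompt-injection"],
                                "blocked": False}},
]


def triage(events: list) -> list:
    """Map each event id to the severity the rule would assign (None = no signal)."""
    return [(e["id"], evaluate(e)) for e in events]


if __name__ == "__main__":
    for event_id, severity in triage(SAMPLE_EVENTS):
        print(f"{event_id}: {severity or 'no signal'}")
```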

### Triage and response{% #triage-and-response %}

1. Enable AI Guard in blocking mode for the affected [service](https://app.datadoghq.com/security/ai-guard/settings/services) or [tool](https://app.datadoghq.com/security/ai-guard/settings/tools) to prevent further exfiltration.
1. [Block](https://docs.datadoghq.com/security/application_security/policies.md) the attacking IP addresses to interrupt ongoing exploitation.
1. Review the flagged requests and LLM responses to identify exactly what data was exfiltrated.
1. Determine the breach scope — identify all affected users, sessions, and data records that may have been exposed.
1. For critical signals with PII or credentials, assess reporting obligations under GDPR, CCPA, or other applicable data protection regulations.
1. Review system prompts, input sanitization, and output filtering to harden defenses against future attempts.
