Remova Logo
AI Glossary

Data Poisoning

A cyberattack where malicious data is deliberately injected into a model's training set to corrupt its behavior.

TL;DR

  • A cyberattack where malicious data is deliberately injected into a model's training set to corrupt its behavior.
  • Data Poisoning shapes how organizations design controls, ownership, and operating discipline around AI.
  • Use the related terms and explanation below to connect the definition to real enterprise rollout decisions.

In Depth

Data Poisoning is a sophisticated adversarial attack targeting the fundamental integrity of an artificial intelligence model. It occurs during the training or fine-tuning phase of the model's lifecycle. An attacker deliberately introduces malicious, corrupted, or heavily biased data into the massive datasets used to train the AI. Because foundation models require billions of data points, it is extremely difficult for human engineers to verify every piece of ingested information.

The goal of data poisoning is to fundamentally alter the model's 'worldview' or to install a hidden backdoor. For example, an attacker might poison an open-source coding dataset so that whenever a model generates an authentication script, it subtly includes a specific vulnerability the attacker can later exploit. In a less technical example, an attacker could poison a public dataset to ensure a specific brand is always associated with negative sentiment in AI-generated summaries.

For enterprises, data poisoning is a major AI Supply Chain Risk. If an organization downloads a poisoned open-source model, or if they use an external RAG (Retrieval-Augmented Generation) system that accidentally indexes an attacker's poisoned document on the corporate network, the AI will confidently output malicious or corrupted information. Mitigating this risk requires rigorous provenance tracking of all training data, cryptographic hashing to ensure model integrity, and strict access controls on the internal document repositories used for enterprise grounding.

Free Resource

The 1-Page AI Safety Sheet

Print this, pin it next to every screen. 10 rules your team should follow every time they use AI at work.

You get

A printable 1-page PDF with 10 clear do's and don'ts for AI use.

Related Terms

AI Supply Chain Risk

The hidden security and compliance vulnerabilities introduced by relying on third-party AI models and datasets.

Model Drift

The degradation of an AI model's performance and accuracy over time due to changing real-world data.

Red Teaming (AI)

The adversarial practice of aggressively testing an AI system to discover security flaws, biases, and vulnerabilities.

Free Resource

Get a Draft AI Policy in 5 Minutes

Answer 6 questions about your company. Get a real AI usage policy you can hand to legal this week.

You get

A ready-to-review AI policy document customized to your company.

Knowledge Hub

Glossary FAQs

Data Poisoning happens *before* deployment, corrupting the model's foundational training data. <a href='/glossary/prompt-injection'><a href='/glossary/prompt-injection'>Prompt Injection</a></a> happens *after* deployment, attacking the model in real-time through tricky user inputs.
Yes. If an attacker gains access to the corporate SharePoint and uploads a document containing false information or malicious instructions, the <a href='/glossary/rag'><a href='/glossary/rag'>RAG</a></a> system will index it. When the AI retrieves that document, it has effectively been poisoned.
Unfortunately, fixing a poisoned foundation model is incredibly difficult. You usually cannot simply 'delete' the bad data; the entire model must be retrained from scratch without the corrupted data, which is massively expensive.

ENTERPRISE AI GOVERNANCE

Turn glossary concepts like Data Poisoning into enforceable operating controls with Remova.

Sign Up