5 Costly AI Hallucinations Every Business Should Know (and How to Avoid Them)

AI is the world's best liar. It doesn't mean to intentionally deceive us. It's just a glitch called a hallucination, and people get tricked because the AI models deliver this false information with absolute confidence.

We asked our expert AI training instructors about five of the most infamous hallucinations. Here are the stories, along with the takeaways that every business needs to know. 

1. A Lawyer Trusted ChatGPT’s Citations and Got Fined

In 2023, a New York attorney Steven Schwartz submitted documents referencing six court cases that were generated by a chatbot. Turns out, each one was fake: made-up case names, docket numbers, etc.

The most troubling part: Schwartz asked the chatbot to verify the cases, and it insisted they were real. It was even so bold as to claim that they could be found in legal research databases.

The mistake cost Schwartz, his co-counsel and their law firm $5,000 in fines.

Business lesson: AI might try to reinforce its own errors. For important tasks, verify your facts using primary sources. Ask AI to cite its sources and then take the time to read the information provided by those primary sources using human eyes and judgement. 

2. A Chatbot Invented Policy, and The Company Had to Pay

A customer asked Air Canada’s chatbot about its bereavement policy. The AI incorrectly shared that he could apply for a discount after purchasing his ticket. In reality, that policy didn’t exist.

The customer relied on the bot’s advice and requested his money. Air Canada denied the claim, arguing that the chatbot was a separate tool. As a separate tool, they argued, it was responsible for the misinformation. In the end, the law ruled that the airline was accountable for the information published on its own website, even if an AI tool hallucinated the facts.

The case is a clear examples showing that AI-generated customer support is held to the same standards as human-generated support. 

Business lesson: Customer-facing AI represents your company. If it gives incorrect advice, customers will blame your organization. Customer-facing AI needs up-close human review processes.

3. The Support Agent That Didn’t Exist

In 2025, users of an AI coding platform called Cursor started getting messages from a support agent named “Sam.” He said that logging in from multiple devices was no longer permitted.

Turns out that "Sam" didn't exist and neither did the "multiple device" policy. It was an AI hallucination. Before anyone could clarify what happened, the message had spread widely through developer communities. Subscriptions were cancelled and trust was lost.

Business lesson: Don't let AI impersonate human employees or communicate policy changes. Clearly label AI interactions, restrict what AI can say about policies, and require human review for any communication that could impact customer trust or contractual expectations.

4. When AI Summaries Change the Facts

In late 2024 and early 2025, Apple Intelligence started offering news summary notifications on iPhones. Several summaries changed the meaning of the original reporting. In one case, the AI falsely summarized a BBC notification to suggest that Luigi Mangione had shot himself. In another, it announced the winner of a sporting event before the match had even been played. When news sources like the BBC complained along with platform users, Apple temporarily disabled the news summaries, later re-introducing them with clearer labeling and warnings about errors.  

Business lesson: AI summaries can introduce new facts that never appeared in the original source. Always verify the key details in a summary before acting on them.

AI-generated BBC news summary

AI-fabricated news alert reported by BBC to Apple in 2024 | Source: BBC

 

5. A Glitch That Led to Malware

A developer asked ChatGPT how to upload an AI model and was told to install a software package that didn’t actually exist.

Someone realized ChatGPT kept recommending that same nonexistent package name. They registered it online and made it available for download, and hid malicious software in it.

Developers who trusted ChatGPT’s recommendation began downloading it. More than 30,000 downloads later, this is now a known attack pattern. Bad actors watch for AI’s favorite made-up package names, then register them and load them with malware.

Business lesson: Code generated by AI needs the same review as code written by an entry-level developer. Teams should always double-check before deploying anything to production. 

The Common Thread

Every one of these incidents shares the same root cause: someone treated AI output as a finished answer instead of a starting point.

As organizations adopt AI, verification becomes just as important as prompting. Employees don’t need to memorize every limitation of generative AI, but they do need practical habits that help them recognize when something deserves a second look.

Ready to help your team use AI with confidence? Webucator’s instructor-led AI training helps employees build practical prompting, verification, and governance skills so they can use AI effectively and responsibly. Talk to a Webucator training specialist.