Authors: Andrii Balashov
Large Language Models (LLMs) have rapidly been integrated into enterprise applications to enable advanced data-driven functionalities. This paper investigates a novel security risk in such LLM-integrated systems, wherein an attacker can gradually extract sensitive information by distributing their query across multiple prompt instances. We examine how corporate LLM tools (e.g., Microsoft 365 Copilot) that connect to internal data sources might be vulnerable to multi-stage prompt inference attacks that bypass single-query security checks. A theoretical framework is developed to model the information leakage per query using information theory, and we derive quantitative bounds on an attacker’s success rate. We then present a proof-of-concept multi-query attack in a controlled setting, demonstrating how an adversary can reconstruct confidential data (like social security numbers or passwords) by aggregating innocuous partial responses from the LLM. Experimental results using a simulated LLM with enterprise data show that our attack can retrieve secrets in far fewer queries than naive guessing, with a success rate that approaches 100% after a threshold number of queries. Finally, we discuss potential mitigation strategies (such as adaptive rate-limiting, anomaly detection, and differential privacy mechanisms) to defend against this emerging threat. Our findings underscore the urgent need for robust security measures in enterprise LLM deployments to prevent indirect leakage of sensitive information.
Comments: 11 Pages.
[v1] 2025-07-09 13:36:35