This paper systematically examines data-centric security risks in large language models (LLMs), including training data contamination, prompt injection, and data poisoning—threats that induce toxic outputs, hallucinations, and degraded reliability. Through a comprehensive literature review and taxonomic analysis, it presents the first holistic classification of LLM data security threats and corresponding defenses, covering techniques such as adversarial training, reinforcement learning from human feedback (RLHF), and data augmentation, while also systematically evaluating mainstream safety benchmark datasets. Innovatively, it proposes an “interpretability-driven” defense and governance framework, emphasizing auditable safety update mechanisms and transparent decision-making pathways. The study establishes the first end-to-end LLM data security risk–defense taxonomy, offering both theoretical foundations and practical guidelines for researchers, developers, and policymakers to advance trustworthy LLM development.

Large Language Models (LLMs), now a foundation in advancing natural language processing, power applications such as text generation, machine translation, and conversational systems. Despite their transformative potential, these models inherently rely on massive amounts of training data, often collected from diverse and uncurated sources, which exposes them to serious data security risks. Harmful or malicious data can compromise model behavior, leading to issues such as toxic output, hallucinations, and vulnerabilities to threats such as prompt injection or data poisoning. As LLMs continue to be integrated into critical real-world systems, understanding and addressing these data-centric security risks is imperative to safeguard user trust and system reliability. This survey offers a comprehensive overview of the main data security risks facing LLMs and reviews current defense strategies, including adversarial training, RLHF, and data augmentation. Additionally, we categorize and analyze relevant datasets used for assessing robustness and security across different domains, providing guidance for future research. Finally, we highlight key research directions that focus on secure model updates, explainability-driven defenses, and effective governance frameworks, aiming to promote the safe and responsible development of LLM technology. This work aims to inform researchers, practitioners, and policymakers, driving progress toward data security in LLMs.