Microsoft has disclosed a bug in its Microsoft 365 Copilot service in which the "work tab" chat feature generated summaries from confidential emails, bypassing the sensitivity labels and Data Loss Prevention (DLP) policies that should have excluded that content. The issue, detected on January 21, stemmed from an internal code error that caused Copilot to pull content from users' Sent Items and Drafts folders.
Those folders often hold exactly the material organizations label most carefully: draft negotiations, unsent positions, and final outbound communications. Microsoft began deploying a fix in early February but has not disclosed the number of affected tenants or how long the defect existed, so security teams have no clear scope for their investigations. Until a timeline is published, the conservative assumption is that every Copilot interaction in the tenant from at least January 21 until the fix is confirmed deployed is in scope.
Administrators are strongly advised to test whether Copilot can still summarize labeled emails from these folders in their own environment: place a test message carrying a sensitivity label (and, where DLP is used, content that matches a DLP policy) in both Drafts and Sent Items, ask Copilot to summarize it from the work tab, and record whether the label and policy were honored. Document the findings, since the fix rollout is staged and a tenant cannot be assumed clean until verified. In the meantime, all users should treat Copilot summaries with skepticism, verify their accuracy, and avoid forwarding or pasting them onward, since a summary may contain labeled content that the source message would have blocked, especially when handling regulated information.
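The scoping problem above (no published timeline, no affected-tenant count) can be narrowed from the tenant's own audit trail. The following PowerShell is an added example, not code from Microsoft or from this article: it takes Unified Audit Log "CopilotInteraction" records and lists the interactions that read a sensitivity-labeled email, which is the population an investigator would then cross-check against Sent Items and Drafts. It assumes the record type name `CopilotInteraction` and an `AuditData` JSON layout of `CopilotEventData.AccessedResources[]` with `Name`, `Type`, `SensitivityLabelId`, `Action` and `Id` fields plus `CopilotEventData.AppHost`; confirm those names against a real record from your tenant before relying on the output. The sample records, user names, label GUID and dates are constructed for the example.

```powershell
# Added example (not Microsoft's or the article's code). Triages
# CopilotInteraction audit records for reads of sensitivity-labeled email.
# ASSUMED field names: CopilotEventData.AppHost and
# CopilotEventData.AccessedResources[].{Id,Name,Type,SensitivityLabelId,Action}.
# Check them against a record exported from your own tenant.

function Get-LabeledCopilotMailAccess {
    param(
        # Rows shaped like Search-UnifiedAuditLog output: CreationDate, UserIds, AuditData (JSON string)
        [Parameter(Mandatory)] [object[]] $Records
    )
    foreach ($rec in $Records) {
        # Skip rows whose AuditData is not parseable rather than abort the whole run
        try { $data = $rec.AuditData | ConvertFrom-Json } catch { continue }

        # Keep only email resources that carried a sensitivity label when Copilot read them
        $hits = @($data.CopilotEventData.AccessedResources | Where-Object {
            $_.Type -eq 'Email' -and -not [string]::IsNullOrEmpty($_.SensitivityLabelId)
        })

        foreach ($res in $hits) {
            [pscustomobject]@{
                When       = $rec.CreationDate
                User       = $rec.UserIds
                AppHost    = $data.CopilotEventData.AppHost
                Subject    = $res.Name
                LabelId    = $res.SensitivityLabelId
                Action     = $res.Action
                ResourceId = $res.Id
            }
        }
    }
}

# --- Constructed sample records (fictitious tenant data for the example) ---
$SampleRecords = @(
    [pscustomobject]@{
        CreationDate = '2026-01-22T10:15:00Z'
        UserIds      = 'alice@contoso.example'
        AuditData    = '{"CopilotEventData":{"AppHost":"BizChat","AccessedResources":[{"Id":"msg-001","Name":"Draft: term sheet v3","Type":"Email","SensitivityLabelId":"11111111-2222-3333-4444-555555555555","Action":"Read"}]}}'
    },
    [pscustomobject]@{
        CreationDate = '2026-01-22T11:02:00Z'
        UserIds      = 'bob@contoso.example'
        AuditData    = '{"CopilotEventData":{"AppHost":"BizChat","AccessedResources":[{"Id":"msg-002","Name":"Lunch on Friday?","Type":"Email","SensitivityLabelId":"","Action":"Read"}]}}'
    }
)

# Offline run over the constructed sample: only the labeled draft is reported
Get-LabeledCopilotMailAccess -Records $SampleRecords | Format-Table -AutoSize

# Live use: requires Connect-ExchangeOnline and an audit-log reader role.
# The window starts at the detection date because Microsoft has not said when
# the defect was introduced; adjust the year and the end date to your rollout.
# $live = Search-UnifiedAuditLog -RecordType CopilotInteraction `
#             -StartDate '2026-01-21' -EndDate (Get-Date) `
#             -ResultSize 5000 -SessionCommand ReturnLargeSet
# Get-LabeledCopilotMailAccess -Records $live |
#     Export-Csv .\copilot-labeled-mail.csv -NoTypeInformation
```

The audit record does not say which folder the message sat in, so the CSV is a candidate list: resolve each `ResourceId` against the mailbox to confirm it was in Sent Items or Drafts, and keep the resolved list with the test results the article asks administrators to document. `Search-UnifiedAuditLog` returns at most 5000 rows per call; for a busy tenant, loop with `-SessionId`/`-SessionCommand ReturnLargeSet` or split the date range.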