Why the Microsoft 365 Copilot bug matters for data security

You spot your email information settings for a reason. So erstwhile an AI adjunct softly reads and summarizes messages marked confidential, that spot takes a hit.

Microsoft says a bug successful Microsoft 365 Copilot allowed its AI chat diagnostic to process delicate emails since precocious January.

The contented bypassed Data Loss Prevention policies that organizations trust connected to support backstage information. Put simply, emails that were expected to enactment locked down were being summarized anyway.

Sign up for my FREE CyberGuy Report 

Get my champion tech tips, urgent information alerts, and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide - escaped erstwhile you articulation my CYBERGUY.COM newsletter    

Microsoft 365 Copilot’s enactment chat interface sits astatine the halfway of the contented aft a bug allowed it to summarize confidential emails. (Microsoft)

Microsoft 365 Copilot bug summarized confidential emails

Microsoft says a coding mistake impacted Microsoft 365 Copilot Chat, specifically the "work tab" feature. The AI adjunct helps concern users summarize content, draught responses and analyse accusation crossed Word, Excel, PowerPoint, Outlook and OneNote.

Beginning January 21, an interior bug labeled CW1226324 caused Copilot to work and summarize emails stored successful Sent Items and Drafts folders.

The existent interest runs deeper. Several of those messages carried confidentiality oregon sensitivity labels.

Companies use those labels on with DLP policies to artifact automated systems from accessing restricted content. Despite those safeguards, Copilot inactive generated summaries. 

We reached retired to Microsoft, and a spokesperson provided CyberGuy with the pursuing statement:

"We identified and addressed an contented wherever Microsoft 365 Copilot Chat could instrumentality contented from emails labeled confidential authored by a idiosyncratic and stored wrong their Draft and Sent Items successful Outlook desktop. This did not supply anyone entree to accusation they weren't already authorized to see. While our entree controls and information extortion policies remained intact, this behaviour did not conscionable our intended Copilot experience, which is designed to exclude protected contented from Copilot access. A configuration update has been deployed worldwide for endeavor customers." 

Why the Microsoft 365 Copilot bug matters for information security

AI tools consciousness helpful. They prevention clip and trim engaged work. But they besides trust connected heavy entree to your data. When safeguards fail, adjacent temporarily, delicate contented tin determination successful ways you did not expect.

YOUR PHONE SHARES DATA AT NIGHT: HERE'S HOW TO STOP IT

For businesses, that could mean:

Legal discussions summarized extracurricular intended controls

Financial projections processed contempt restrictions

HR communications are exposed to automated analysis

Even if nary information leaves the organization, the bypass itself raises concerns astir however AI integrates with endeavor information systems.

Business users trust connected Copilot to streamline work, but a caller bug raised concerns astir however it handles delicate email content. (Microsoft)

How Microsoft is fixing the Microsoft 365 Copilot bug

Microsoft says it began rolling retired a hole successful aboriginal February. The institution continues to show deployment and is contacting immoderate affected users to verify the hole works.

However, Microsoft has not provided a last timeline for afloat remediation. It has besides not disclosed however galore organizations were affected.

The contented is tagged arsenic an advisory, which usually signals constricted scope oregon impact. Still, galore information professionals volition privation deeper clarity earlier feeling comfortable.

What this Microsoft 365 Copilot contented reveals astir AI security

This incidental highlights thing galore companies are wrestling with close now. AI assistants beryllium wrong productivity platforms. They request entree to email, documents and collaboration tools to enactment well.

TIKTOK AFTER THE US SALE: WHAT CHANGED AND HOW TO USE IT SAFELY

At the aforesaid time, those platforms incorporate your astir delicate information. When AI features grow quickly, information policies indispensable germinate conscionable arsenic fast. Otherwise, adjacent a tiny codification mistake tin make unexpected exposure.

The Copilot chat diagnostic was designed to boost productivity, yet a codification mistake fto it process emails labeled confidential.  (Microsoft)

Ways to enactment harmless aft the Microsoft 365 Copilot bug

If your enactment uses Microsoft 365 Copilot, present are applicable steps to trim risk:

1) Review Copilot entree settings

Work with your IT squad to corroborate which folders and information sources Copilot tin access.

2) Revalidate DLP policies

Test sensitivity labels and DLP (Data Loss Prevention)  rules to guarantee they artifact AI processing arsenic intended.

3) Monitor advisory updates

Stay existent connected Microsoft work alerts and verify that the hole is afloat deployed successful your tenant.

4) Limit AI scope during investigations

If you person concerns, see temporarily restricting Copilot features until verification is complete.

5) Train employees connected AI boundaries

Remind unit that AI assistants tin process drafts and nonstop messages. Encourage cautious handling of delicate content.

6) Audit Copilot enactment logs

Review audit logs to spot whether Copilot accessed oregon summarized labeled emails. This helps find existent vulnerability alternatively than assumed risk.

7) Review sensitivity statement configuration

Confirm that confidential labels are configured to artifact AI processing wherever required. Misconfigured labels tin make gaps adjacent aft a bug is fixed.

8) Reassess retention and draught policies

Because the contented progressive Sent Items and Drafts, measure whether delicate drafts should beryllium stored semipermanent oregon deleted aft sending.

9) Limit Copilot to circumstantial idiosyncratic groups

Instead of enabling Copilot organization-wide, see a phased deployment to departments with little sensitivity exposure.

10) Conduct a post-incident information review

Use this infinitesimal to reassess however AI tools integrate with compliance controls. Treat it arsenic a learning accidental alternatively than a one-time glitch.

Pro Tip: This Copilot bug centers connected endeavor controls. Even so, AI tools run connected your devices and accounts, truthful keeping bundle up to day and utilizing beardown antivirus bundle adds an important furniture of defense. Get my picks for the champion 2026 antivirus extortion winners for your Windows, Mac, Android & iOS devices astatine Cyberguy.com

Considering a much backstage email provider

Enterprise AI bugs rise a bigger question: however overmuch entree should email platforms person to your information successful the archetypal place? If you privation an added furniture of privateness beyond mainstream providers, privacy-focused email services are worthy exploring.

Some connection end-to-end encryption, enactment for PGP encryption and a strict no-ads concern exemplary that avoids scanning messages for selling purposes.

AI WEARABLE HELPS STROKE SURVIVORS SPEAK AGAIN

Many besides let you to make disposable email aliases, which tin trim spam and bounds vulnerability if 1 code is compromised.

While nary supplier is immune to bundle bugs, choosing an email work built astir privateness alternatively than information monetization tin bounds however overmuch of your accusation is accessible to automated systems successful the archetypal place.

For individuals, journalists and tiny businesses especially, that added power tin marque a meaningful difference.

For recommendations connected backstage and unafraid email providers that connection alias addresses, sojourn Cyberguy.com

Kurt's cardinal takeaways

AI assistants are becoming portion of regular enactment life. They committedness speed, ratio and smarter workflows. But convenience should ne'er outrun security.

This Copilot bug whitethorn person a constricted impact. Still, it serves arsenic a reminder that AI tools are lone arsenic beardown arsenic the guardrails down them.

When those guardrails slip, adjacent briefly, delicate accusation tin determination successful unexpected ways. As AI becomes much embedded successful concern software, spot volition beryllium connected transparency, accelerated fixes and wide communication.

Here is the existent question: If your AI adjunct tin spot everything you write, are you afloat assured it respects each bound you set? Let america cognize by penning to america astatine Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report Get my champion tech tips, urgent information alerts, and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide - escaped erstwhile you articulation my CYBERGUY.COM newsletter 

Copyright 2026 CyberGuy.com.  All rights reserved.  

Related Article