Microsoft’s Copilot Chat quietly summarized emails labeled “Confidential,” bypassing the data‑loss protections administrators relied on and forcing a hard assessment of how AI features must be governed inside Microsoft 365...
Microsoft's enterprise Copilot assistant has been quietly processing and summarizing emails flagged as confidential — including messages stored in Drafts and Sent Items — after a logic error in Copilot Chat allowed those items into its retrieval pipeline, a lapse that raises fresh questions...
Microsoft's own Copilot Chat briefly overran its guardrails: a code error allowed the service to summarize emails labeled as confidential, processing messages from users' Sent Items and Drafts in ways that violated intended Data Loss Prevention (DLP) and sensitivity-label behavior.
Background
In...
Microsoft’s flagship workplace assistant, Microsoft 365 Copilot Chat, briefly read and summarized email messages that organizations had explicitly labeled Confidential, a logic error the company logged internally as service advisory CW1226324 and that has forced a re‑examination of how embedded...
Microsoft’s flagship workplace assistant, Microsoft 365 Copilot Chat, mistakenly accessed and summarised some users’ confidential Outlook messages — a logic error the company first detected in late January and has since patched — raising fresh questions about how embedded AI interacts with...
Microsoft’s Copilot Chat briefly summarized emails that organizations had explicitly labeled as confidential — a failure Microsoft attributes to a server‑side code error that allowed items in users’ Sent Items and Drafts to be picked up and summarized by the Copilot “Work” chat experience, and...
For weeks this winter, a logic error in Microsoft 365 Copilot Chat’s “Work” experience allowed the AI to read and summarize emails that organizations had explicitly marked Confidential, bypassing configured Data Loss Prevention (DLP) and sensitivity‑label protections and exposing a material risk...
Microsoft’s flagship productivity assistant briefly did what it was built to do — read, index and summarise corporate communications — and in doing so it accidentally summarised email messages organizations had explicitly marked Confidential, bypassing Data Loss Prevention (DLP) and...
Microsoft confirmed a logic bug in Microsoft 365 Copilot that, for a window of weeks, allowed Copilot Chat’s “Work” experience to index and summarize emails that organizations had explicitly labeled as Confidential, effectively bypassing configured Data Loss Prevention (DLP) and...
For weeks this winter, Microsoft’s flagship productivity assistant, Microsoft 365 Copilot Chat, quietly indexed and summarised emails that organizations had explicitly marked Confidential, bypassing sensitivity labels and Data Loss Prevention (DLP) controls designed to stop exactly that — a...
Microsoft’s flagship productivity assistant, Microsoft 365 Copilot Chat, briefly read and summarized emails that organizations had explicitly labeled “Confidential,” exposing a gap between automated AI convenience and long‑standing enterprise access controls...
For weeks this winter, Microsoft’s flagship productivity assistant, Microsoft 365 Copilot, quietly did exactly what it was built to do — read, index and summarise corporate communications — and in the process it mistakenly summarised emails that organisations had explicitly marked Confidential...
Microsoft’s flagship productivity assistant, Microsoft 365 Copilot, briefly read and summarized emails that organizations had explicitly marked “Confidential,” revealing a logic error that bypassed Data Loss Prevention (DLP) and sensitivity‑label protections and forcing IT teams to confront a...
Microsoft has confirmed that a logic bug in Microsoft 365 Copilot Chat allowed the assistant to read and summarize emails labeled “Confidential” from users’ Sent Items and Drafts folders for several weeks, bypassing Data Loss Prevention (DLP) protections that organizations set up to stop...
Microsoft’s own service advisory confirms that a logic error in Microsoft 365 Copilot allowed the assistant to process and summarize email messages labeled “Confidential” in users’ Sent Items and Drafts folders — and that the company began rolling a server-side fix in early February 2026...
Microsoft has confirmed that a code defect in Microsoft 365 Copilot allowed the assistant to read and summarize sensitivity‑labeled emails stored in users’ Sent Items and Drafts — effectively bypassing the label and Data Loss Prevention (DLP) protections many enterprises rely on — and began...
Microsoft's Copilot has been quietly doing what it was designed to do—read, understand, and summarize conversations and documents—but a recently disclosed bug shows that automation can compound human error and weaken long-standing access controls in a heartbeat. For weeks, Microsoft 365 Copilot...
Microsoft has confirmed a software error that allowed its Copilot for Microsoft 365 assistant to read and summarize emails marked as confidential, bypassing the Data Loss Prevention (DLP) controls organizations rely on — and the problem persisted long enough that many IT teams are now scrambling...
For weeks in late January and early February 2026, a code error in Microsoft 365 Copilot allowed the assistant to index and summarize email messages that organizations had explicitly marked as confidential — bypassing sensitivity labels and Data Loss Prevention (DLP) controls for items in...
Microsoft’s flagship productivity AI for Microsoft 365 has a glaring privacy problem: for weeks a code error allowed Copilot Chat to read and summarize emails that organizations had explicitly labelled as confidential, bypassing Data Loss Prevention (DLP) controls and undermining a core tenant...