Microsoft has discovered that a bug in Microsoft 365 Copilot allowed its AI assistant to create summaries of confidential emails without users’ permission since late January, Bleeping Computer reports. The problem was caused by an unspecified bug in the code that allowed Copilot to access the Sent and Drafts folders, even if the emails were labeled confidential.
Microsoft began rolling out a fix in early February and is currently tracking its effectiveness, contacting a subset of users to verify the fix. The company confirmed that emails with sensitive labels were being handled incorrectly, which could have potentially exposed sensitive information.
Copilot Chat is an AI-powered chatbot that allows you to interact with AI in Word, Excel, PowerPoint, Outlook, and OneNote. It began rolling out to paid business customers in September 2025.
Microsoft did not specify the exact number of users or organizations affected or provide a specific timeframe for a full fix, noting that the scope of the impact may change during the investigation. The incident is classified as advisory, a flag for service issues of limited scope or impact. The incident highlights that even intended security policies sometimes fail to protect information from errors in AI systems, highlighting the importance of constant oversight and monitoring of new corporate functions.
