Microsoft Copilot Bug Exposed Confidential Emails
Microsoft disclosed a security bug in its Copilot service that allowed confidential emails to be summarized without authorization, bypassing Data Loss Prevention (DLP) controls. The company fixed the vulnerability on February 3rd. The full impact, and whether any confidential data was actually exposed to unauthorized users, has not been detailed.
- The vulnerability, tracked as CW1226324, was first detected on January 21, 2026, and specifically impacted the "work tab" chat feature within Microsoft 365 Copilot.
- A "code issue" allowed the AI to process and summarize emails from users' "Sent Items" and "Drafts" folders, even when they were protected with "confidential" sensitivity labels.
- Microsoft's official statement clarified that the bug did not grant access to information users weren't already authorized to see, but acknowledged the behavior was unintended, as Copilot is designed to exclude protected content.
- The bug had real-world consequences for major organizations; the UK's National Health Service (NHS) logged the issue internally as incident INC46740412.
- This event is one of several recent security issues for Copilot, including a "zero-click" vulnerability dubbed "EchoLeak" and another flaw that allowed file access without generating audit logs.
- Discussions on developer forums like Hacker News focused on the difficulty of ensuring confidential data is purged from AI models after such incidents and on the potential for more unknown unknowns in complex AI systems.
- The incident highlights a growing challenge for enterprise AI, as traditional Data Loss Prevention (DLP) tools were not designed to govern AI models that can transform, summarize, and process data in novel ways.
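The failure mode described above, as an added illustration that is not Microsoft's code and does not claim to be the actual root cause: a pre-model gate that decides by folder rather than by sensitivity label lets labelled Drafts and Sent Items reach the summarizer, whereas a gate keyed on the label itself excludes them regardless of folder. Label names, folder names and the sample mailbox are constructed for the example.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional

# Assumed label names; real tenants define their own sensitivity labels.
PROTECTED_LABELS = {"confidential", "highly confidential"}


@dataclass
class MailItem:
    folder: str
    subject: str
    sensitivity_label: Optional[str] = None


def is_protected(item: MailItem) -> bool:
    """True when the item carries a label the AI must never see."""
    return (item.sensitivity_label or "").strip().lower() in PROTECTED_LABELS


def folder_scoped_gate(items: List[MailItem]) -> List[MailItem]:
    """Hypothetical weak gate: only enforces the label for the Inbox, so
    labelled mail in other folders (Drafts, Sent Items) still gets through."""
    return [i for i in items if not (i.folder == "Inbox" and is_protected(i))]


def label_gate(items: List[MailItem]) -> List[MailItem]:
    """Hardened gate: the label alone decides; folder is irrelevant."""
    return [i for i in items if not is_protected(i)]


def summarize(items: List[MailItem], gate: Callable) -> dict:
    """Stand-in for the model call: the model only sees what the gate passed.
    Returns which subjects reached the model and which were withheld."""
    allowed = gate(items)
    return {
        "sent_to_model": [i.subject for i in allowed],
        "withheld": [i.subject for i in items if i not in allowed],
    }


# Constructed sample mailbox.
SAMPLE = [
    MailItem("Inbox", "Team lunch"),
    MailItem("Inbox", "Board pack", "Confidential"),
    MailItem("Drafts", "Redundancy plan", "Confidential"),
    MailItem("Sent Items", "Patient list", "Highly Confidential"),
]

if __name__ == "__main__":
    print("weak:", summarize(SAMPLE, folder_scoped_gate))
    print("fixed:", summarize(SAMPLE, label_gate))
```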