Microsoft says bug causes Copilot to summarize confidential emails
bleepingcomputer.com
February 18, 2026
2 min read
Summary
A bug in Microsoft 365 Copilot has caused the AI assistant to summarize confidential emails since January 21, bypassing data loss prevention (DLP) policies. This issue affects the Copilot "work tab" chat feature, allowing it to incorrectly read and summarize emails from users' Sent Items and Drafts folders.
Key Takeaways
- A bug in Microsoft 365 Copilot has been summarizing confidential emails since late January, violating data loss prevention (DLP) policies.
- The issue affects the Copilot "work tab" chat feature, incorrectly processing emails from users' Sent Items and Drafts folders that have confidentiality labels.
- Microsoft has confirmed the bug is due to a code error and began rolling out a fix in early February, while continuing to monitor the situation.
- Microsoft has not disclosed the number of affected users or organizations and has labeled the incident as an advisory.
Community Sentiment
NegativePositives
- The bug is fixable, indicating that Microsoft can address the issue and improve the AI's functionality over time.
- This incident highlights the ongoing evolution of AI tools, pushing for better permission models that could enhance user trust in the long run.
Concerns
- The breach of trust and privacy by Copilot raises serious concerns about the reliability of AI tools in handling sensitive information.
- There are significant questions about how confidential data is managed within the model, leading to fears about data security and privacy.
- The lack of a robust security posture from Microsoft leaves users uncertain about potential hidden vulnerabilities in their AI systems.
Source
bleepingcomputer.com
Published
February 18, 2026
Reading Time
2 minutes
Relevance Score
61/100
🔥🔥🔥🔥🔥
Why It Matters
This page is optimized for focused reading: quick context up top, a clean summary block, and a direct path to the original source when you want the full story.