Microsoft says bug causes Copilot to summarize confidential emails
A Microsoft 365 Copilot bug has been quietly summarizing confidential emails since late January, ignoring the sensitivity labels and data loss prevention policies that organizations set up specifically to keep AI tools away from protected content. Microsoft says no unauthorized users gained access to data they couldn't already see, but the fact that Copilot bypassed enterprise security controls for nearly a month is a serious trust issue for IT teams relying on these guardrails. A fix has been deployed worldwide, though Microsoft hasn't disclosed how many organizations were affected.