Microsoft has admitted that a coding bug in Microsoft 365 Copilot accidentally allowed Copilot Chat to access and summarize confidential emails. The company said the bug let the AI assistant access private emails, raising serious privacy issues for companies using the service.
Bleeping Computer reports that the flaw bypasses data loss prevention (DLP) policies enabled by customers who wish to keep their data shielded from Microsoft’s AI. The issue, reported on Jan. 21, affects the Work tab of Copilot Chat, a feature introduced to Microsoft 365 business users in September through Word, Excel, PowerPoint, Outlook, and OneNote.
“We identified and addressed an issue where Microsoft 365 Copilot Chat could return content from emails labelled confidential authored by a user and stored within their Draft and Sent Items in Outlook desktop,” Microsoft said in its statement to the BBC.
“While our access controls and data protection policies remained intact, this behaviour did not meet our intended Copilot experience, which is designed to exclude protected content from Copilot access,” they added.
“A configuration update has been deployed worldwide for enterprise customers.”
A fix for the issue started rolling out earlier this month, but the company hasn’t said when it will be fully resolved. It is monitoring the situation and contacting affected users for feedback. It’s unclear how many organizations are impacted, but it seems the UK’s National Health Service (NHS) is one of them.
Microsoft says it has rolled out an update to fix the issue, and that it “did not provide anyone access to information they weren’t already authorised to see”, BBC reported.
Microsoft Copilot Studio, launched in February 2023, enables companies to create AI assistants that are trained with their own data to automate tasks in Microsoft apps.
Since its launch, Microsoft has rapidly deployed its AI assistant, Copilot, across its tools like Word, Excel, Outlook, PowerPoint, and OneNote. In September 2025, Microsoft 365 business customers gained access to Copilot Chat, allowing direct interaction with AI agents.
Tech companies promote AI assistants as vital productivity tools, but cybersecurity experts caution that quick AI adoption introduces new security risks that organizations may find hard to manage. Companies dealing with sensitive data face particularly high stakes.
Back in 2024, security researcher Michael Bargury demonstrated how Copilot Studio bots can easily exfiltrate sensitive enterprise data, circumventing existing controls. The findings were revealed at the annual Black Hat USA 2024 security conference in Las Vegas.
According to the researcher, Copilot has an array of vulnerabilities that increase users’ risk. A combination of insecure defaults, over-permissive plugins, and wishful design thinking made data leakage “probable, not just possible,” the researcher said at the time.
Using an exploitation tool he created, the researcher scanned for publicly accessible copilots and abused them to extract sensitive enterprise data.
“Attackers can remotely take over your interactions with the Copilot. They can get the Copilot to do whatever they want on your behalf, manipulate you, and misinform your decisions. They have full control of every word the Copilot writes to you,” Bargury said.
