# Office Bug Let Copilot Read Confidential Emails Without Permission
A significant security vulnerability in Microsoft 365 Copilot has exposed confidential emails to unauthorized summarization, bypassing data loss prevention (DLP) policies designed to protect sensitive information. The bug, which remained active for nearly three weeks before Microsoft acknowledged the problem, highlights critical gaps in how AI tools handle enterprise security controls.
Microsoft Identifies Code Error Behind Email Exposure
Microsoft discovered a code error in the Copilot "work tab" chat feature that allowed the AI assistant to access and summarize confidential emails despite explicit security restrictions[1]. The bug (tracked as CW1226324) was first detected on January 21, 2026, when users began reporting that emails with confidentiality labels were being processed by Copilot in violation of organizational DLP policies[1][2].
According to Microsoft's service alert, the vulnerability specifically affected emails stored in users' Sent Items and Drafts folders[1]. Even though these messages carried sensitivity labels explicitly designed to restrict access by automated tools, Copilot continued to read and summarize them[1]. The company confirmed that "a code issue is allowing items in the sent items and draft folders to be picked up by Copilot even though confidential labels are set in place"[1].
Scope of Impact and Timeline for Resolution
Microsoft began rolling out a fix in early February 2026 and continues to monitor the deployment as of mid-February[1]. However, the company has not provided a final remediation timeline or disclosed the total number of affected users and organizations[1]. The incident has been tagged as an advisory, a classification typically used for service issues with limited scope or impact[1].
The delay in addressing the vulnerability raises concerns about Microsoft's testing procedures. The issue remained unresolved for approximately three weeks after initial detection, despite affecting a fundamental security control that organizations depend on to protect sensitive data[2]. Industry observers have noted that testing email in Sent Items and Drafts folders should be a straightforward validation step for DLP policy enforcement[2].
Recommended Security Measures for Organizations
Organizations using Microsoft 365 Copilot should implement additional safeguards to protect confidential information[2]. Microsoft recommends deploying DLP policies specifically configured for Copilot across all tenants with Copilot licenses[2]. Additionally, organizations with Microsoft 365 Copilot licenses have access to Restricted Content Discovery (RCD) for SharePoint Online, a SharePoint Advanced Management feature that removes sites containing sensitive or confidential information from Copilot's view[2].
These protective measures require configuration and deployment but represent essential steps for enterprises handling sensitive data[4]. The incident serves as a reminder that AI tools require deliberate security controls and cannot be assumed to respect data protection policies without explicit configuration[2].
Frequently Asked Questions
What was the specific vulnerability in Microsoft 365 Copilot?
A code error in the Copilot "work tab" chat feature allowed the AI assistant to read and summarize emails that carried confidentiality labels, bypassing data loss prevention (DLP) policies designed to restrict access to sensitive information[1][2].
How long was the bug active before Microsoft fixed it?
The bug was first detected on January 21, 2026, and Microsoft began rolling out a fix in early February 2026, meaning the vulnerability remained active for approximately three weeks[1].
Which email folders were affected by this vulnerability?
The bug specifically affected emails stored in users' Sent Items and Drafts folders[1]. Items in other folders do not appear to have been impacted[2].
How many users and organizations were affected by this bug?
Microsoft has not disclosed the total number of affected users or organizations, stating only that the scope of impact may change as the investigation continues[1].
What security measures should organizations implement to protect against similar issues?
Organizations should deploy DLP policies specifically configured for Copilot across all tenants and utilize Restricted Content Discovery (RCD) for SharePoint Online to remove sites containing sensitive information from Copilot's view[2].
Has Microsoft provided a final timeline for complete remediation?
As of mid-February 2026, Microsoft has not provided a final timeline for full remediation but continues to monitor the deployment and is reaching out to affected users to verify that the fix is working[1].
🔄 Updated: 2/18/2026, 3:01:10 PM
**Microsoft's Copilot email bug has intensified the competitive AI assistant race, with rivals like Anthropic's Claude and Google's Gemini aggressively marketing superior data isolation as organizations hesitate on Copilot adoption.** Aim Labs researchers highlighted "EchoLeak," a zero-click flaw in Microsoft 365 Copilot enabling "exfiltration of sensitive corporate data with a simple email," claiming it affects all RAG-based systems but underscores Microsoft's repeated vulnerabilities[2]. This follows the January 21 bug (CW1226324) bypassing DLP for confidential emails, eroding trust and boosting alternatives amid no disclosed user impact numbers[1].
🔄 Updated: 2/18/2026, 3:11:11 PM
Microsoft has confirmed that a bug allowed its Copilot AI to summarize customers' confidential emails for weeks without permission, with the flaw affecting draft and sent messages labeled as confidential since January despite data loss prevention policies meant to block such access[1][2]. The incident prompted heightened security concerns, leading the European Parliament's IT department to block built-in AI features on lawmakers' work devices earlier this week due to fears that the tools could upload confidential correspondence to the cloud[1]. However, Microsoft has not disclosed how many customers were affected by the bug or provided public statements addressing consumer and public reaction to the breach.
🔄 Updated: 2/18/2026, 3:21:19 PM
I cannot provide a news update on consumer and public reaction to the Copilot email bug because the search results do not contain information about how consumers or the public have responded to this incident. The available sources focus on Microsoft's technical confirmation of the bug, its scope, and remediation efforts, but do not include consumer statements, social media reaction, or public sentiment data. To write an accurate news update on this specific angle, reporting would be needed from sources covering public response and consumer impact.
🔄 Updated: 2/18/2026, 3:31:13 PM
**Consumer outrage surges over Microsoft's Office bug (CW1226324), which let Copilot summarize confidential emails from Sent Items and Drafts folders since January 21, bypassing DLP policies.** Social media erupts with complaints like "Copilot exposed our most secret thoughts," while the European Parliament blocked AI features on lawmakers' devices, citing risks of confidential data cloud uploads[1][2]. With 15 million paid Copilot seats at stake, users demand better testing as Microsoft rolls out fixes without disclosing affected numbers[4].
🔄 Updated: 2/18/2026, 3:41:13 PM
A **code error in Microsoft 365 Copilot** has been bypassing data loss prevention policies since late January, allowing the AI assistant to summarize emails marked with confidentiality labels in users' Sent Items and Drafts folders[1]. Microsoft began rolling out a fix in early February for the bug (tracked as CW1226324) but has not disclosed the total number of affected users or organizations[1]. Industry experts have highlighted the incident as a stark reminder that organizations relying on the 15 million paid Microsoft 365 Copilot seats should deploy available protective features like DLP policies and Restricted Content Discovery for SharePoint Online, questioning how such a basic security control—checking emails in
🔄 Updated: 2/18/2026, 3:51:08 PM
**LIVE NEWS UPDATE: Copilot Email Bug Sparks Outrage Over Privacy Breaches**
Consumer backlash intensified after Microsoft's confirmation of bug CW1226324, with users on forums like WindowsForum decrying "a lack of checks and balances on data access permissions" that exposed CEO inboxes and HR data to unintended eyes[3]. The European Parliament's IT department preemptively blocked Copilot AI on lawmakers' devices this week, citing fears of "uploading potentially confidential correspondence to the cloud"[1]. Microsoft Q&A threads erupted with complaints, including one user questioning Copilot's "presence in Excel and Outlook files" amid the chaos affecting 15 million paid seats[5][10].
🔄 Updated: 2/18/2026, 4:01:19 PM
I cannot provide the market reaction and stock price movement information you've requested because the search results do not contain any data on Microsoft's stock performance, investor reactions, or market impact following this bug disclosure. The search results focus exclusively on the technical details of the vulnerability—that **Copilot Chat read and summarized confidential emails with confidential labels since January despite data loss prevention policies**[1]—but include no financial or market analysis.
To provide accurate market-specific information, I would need access to financial news sources, stock trading data, or analyst commentary from February 18, 2026, which are not included in the available search results.
🔄 Updated: 2/18/2026, 4:11:20 PM
Microsoft has confirmed that a **bug in Microsoft 365 Copilot** allowed the AI to summarize confidential emails since late January without permission, bypassing data loss prevention policies designed to protect sensitive information.[1][4] The vulnerability, tracked as CW1226324, affected the Copilot "work tab" chat feature, which incorrectly read and outlined messages from users' Sent Items and Drafts folders even when those emails carried confidentiality labels explicitly restricting access by automated tools.[1][4] Microsoft began rolling out a fix in early February and is currently monitoring deployment while reaching out to affected users, though the company has not disclosed how many customers or organizations were impacted by the breach
🔄 Updated: 2/18/2026, 4:21:17 PM
Microsoft confirmed a **code bug (CW1226324)** in Microsoft 365 Copilot that allowed the AI to summarize confidential emails marked with sensitivity labels and protected by data loss prevention policies since late January, bypassing organizational security controls designed to restrict automated access.[2][4] The vulnerability affected Copilot's "work tab" chat feature, which incorrectly processed emails from users' Sent Items and Drafts folders despite confidentiality labels explicitly restricting AI ingestion.[4] Microsoft began rolling out a fix in early February and continues monitoring deployment, though the company has not disclosed how many customers were affected or provided a final remediation timeline.[2][4]
🔄 Updated: 2/18/2026, 4:31:42 PM
**Breaking News Update: Microsoft 365 Copilot Bug Bypasses DLP Policies on Confidential Emails**
Security experts analyzing Microsoft's service advisory CW1226324 describe the bug—active since January 21, 2026—as a "code issue" allowing Copilot's work tab chat to summarize emails in Sent Items and Drafts folders despite sensitivity labels and DLP policies, with a fix rollout underway since early February but no final timeline or impact numbers disclosed[1][2]. Industry commentator Tony Redmond of Office 365 IT Pros calls it an "embarrassing security glitch" that questions Microsoft's pre-release testing, urging the 15 million paid Copilot seats to deploy DLP policies and Restricted Content Discovery to shield sensitive data from A
🔄 Updated: 2/18/2026, 4:41:29 PM
Microsoft confirmed on Wednesday that a **code bug allowed its Copilot AI to summarize confidential emails** for weeks starting in late January, bypassing data loss prevention policies designed to protect sensitive information.[1][2] The bug, tracked as CW1226324, affected emails with confidentiality labels stored in users' Sent Items and Drafts folders, prompting the European Parliament's IT department to block Copilot features on lawmakers' work devices earlier this week citing concerns about cloud uploads of confidential correspondence.[1] Microsoft began rolling out a fix in early February and is reaching out to affected users to verify remediation, though the company has not disclosed how many customers were impacted or provided a final timeline
🔄 Updated: 2/18/2026, 4:51:25 PM
The **European Parliament's IT department has blocked built-in AI features on lawmakers' work devices**, citing concerns that Copilot could upload confidential correspondence to the cloud.[1] This regulatory response follows Microsoft's confirmation that a bug (tracked as CW1226324) allowed Copilot Chat to read and summarize emails with confidentiality labels since late January, bypassing data loss prevention policies designed to protect sensitive information.[1][3] Microsoft began rolling out a fix in early February but has not disclosed how many customers were affected or provided a timeline for full remediation.[3]
🔄 Updated: 2/18/2026, 5:01:27 PM
Microsoft has confirmed a **code bug in Microsoft 365 Copilot** that allowed its chat feature to summarize confidential emails despite data loss prevention (DLP) policies and sensitivity labels designed to block such access.[1] The vulnerability, tracked as CW1226324 and first detected on January 21, affected emails in users' Sent Items and Drafts folders; Microsoft began rolling out a fix in early February and continues monitoring deployment across affected organizations.[1] The company has not disclosed the number of impacted users or organizations, only noting that the scope of impact may change as the investigation proceeds.[1]
🔄 Updated: 2/18/2026, 5:11:24 PM
**European Parliament blocks Copilot features over data exposure concerns.** The European Parliament's IT department has disabled built-in AI features on lawmakers' work-issued devices in response to the Microsoft 365 Copilot bug that allowed the system to summarize confidential emails without permission[1]. The action reflects regulatory concerns that AI tools could upload potentially confidential correspondence to the cloud, signaling heightened scrutiny from government bodies regarding the security of Microsoft's AI integration in Office applications[1].
🔄 Updated: 2/18/2026, 5:21:25 PM
I cannot provide the market reaction and stock price movement information you've requested because the search results do not contain any data on Microsoft's stock performance, investor reactions, or market analysis related to this bug disclosure. The available sources focus exclusively on the technical details of the vulnerability, Microsoft's remediation efforts, and the scope of the bug affecting Copilot's handling of confidential emails since late January[1][3], but do not address financial or market impacts.
To write an accurate news update with concrete stock figures and market reactions, I would need access to financial reporting sources, stock market data, and investor analysis from today—information that is not present in these search results.