Microsoft admits an Office bug exposed confidential user emails to Copilot

Copilot keyboard button — (Image credit: Microsoft)

Copilot Chat was reading Sent and Draft emails, but the Inbox folder appears to have been protected
The bug (CW1226324) was identified in January, a fix followed in February
Though the fix is rolling out, this is still an ongoing issue

Microsoft has confirmed that a bug in M365 Copilot Chat allowed the AI chatbot to summarise confidential emails without users' permission, bypassing data loss prevention (DLP) policies and sensitivity/confidentiality labels designed to block Copilot from accessing the emails in the first place.

Though inboxes were unaffected, Copilot Chat was getting access to Sent and Draft folders, and presumably entire threads within those, which also include incoming emails.

Tracked internally as CW1226324, the bug was first identified on January 21, 2026, but the company has already deployed a fix and continues to monitor the situation.

M365 Copilot Chat was reading your sensitive emails

"Users' email messages with a confidential label applied are being incorrectly processed by Microsoft 365 Copilot chat," the advisory reads.

Microsoft says an error code caused the issue, which allowed those labelled emails to be picked up: "A code issue is allowing items in the sent items and draft folders to be picked up by Copilot even though confidential labels are set in place."

The company started rolling out a fix in early February which it continues to monitor, but it seems that this is an ongoing issue that has not yet been fully resolved.

Microsoft is also believed to be contacting affecting users as the patch rolls out as it continues to verify the fix.

The timing of Microsoft's blunder is also very unfortunate, with the European Parliament recently banning all AI tools on worker devices on the basis that many systems were sharing data with the cloud, even though they could in theory be processing it locally.

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

TOPICS

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.