Microsoft confirmed a Microsoft 365 Copilot Chat bug that caused the Copilot work tab to incorrectly read and summarize users’ emails from Sent Items and Drafts, even when those messages had confidential sensitivity labels and organizations had data loss prevention (DLP) policies intended to prevent such processing. The issue was tracked as admin-visible incident CW1226324, first detected in late January, and was attributed to an unspecified code error that allowed labeled items to be picked up by Copilot despite protections being in place.
Microsoft said it began rolling out a fix in early February and was still monitoring deployment while validating remediation with a subset of affected users; the company did not disclose how many customers were impacted or provide a firm timeline for full resolution. Separate reporting noted heightened institutional concern about built-in AI features handling sensitive correspondence (e.g., the European Parliament IT department blocking AI features on work devices), underscoring governance and data-handling risk when AI assistants can process content contrary to configured controls.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
3 events from the most recent confirmed update back to the earliest known activity.
By February 18, Microsoft said it was monitoring the remediation rollout and contacting a subset of affected users to validate that the issue was resolved. The company did not disclose how many customers were impacted or provide a final remediation timeline.
In early February, Microsoft started deploying a fix for the Copilot Chat bug that incorrectly processed confidential emails. One report specifies the rollout began on February 11, 2026, while Microsoft said deployment was still ongoing as not all affected environments had received it.
Microsoft said it first detected a code error in Microsoft 365 Copilot Chat that allowed the Copilot work tab to read and summarize emails in Sent Items and Drafts despite DLP policies and confidentiality or sensitivity labels. The issue was tracked as advisory CW1226324.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
4 references tracked. Mallory keeps watching after this page renders.
itsecurityguru.org
Open sourcecybersecuritynews.com
Open sourcebleepingcomputer.com
Open sourcetechcrunch.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.