Microsoft has warned that a Microsoft 365 Copilot issue led Copilot Chat to generate summaries from confidential emails that should have been blocked by sensitivity labels and data loss prevention controls. It detected the problem on January 21, and tied it to the Copilot “work tab” chat experience.
If your workplace relies on labels and DLP to keep sensitive mail from being processed, the immediate question is simple. Did the fix reach your tenant, and does Copilot still pull from the wrong places.
A DLP bypass in the work tab
First spotted by BleepingComputer, Microsoft says an internal code error caused Copilot “work tab” chat to pick up items from Sent Items and Drafts, then summarize them even when a sensitivity label and a DLP policy were configured.
Those folders are also where sensitive material tends to live. Drafts can hold negotiations, early numbers, or language you never intended to send. Sent Items can include the final wording that went to a customer, partner, or regulator. A summary that includes restricted text makes it easier for information to travel inside everyday chat.
For admins, the key point is that this isn’t about someone copy pasting an email into Copilot.
What Microsoft still isn’t saying
Microsoft began deploying a fix in early February and says it’s monitoring to confirm the change works. But it hasn’t shared two details security teams will care about, how many tenants were affected, and how far back the behavior went before it was detected on January 21.
Without a clear window, it’s hard to choose between a narrow review and a broader one.
What you should do next
Admins should test whether Copilot “work tab” chat can still summarize labeled emails from those mail folders in your environment. Write down what you observe, and keep it with audit notes in case your security team needs to document impact later. Be thorough.
For everyone else, treat Copilot summaries as something to verify, not something to trust by default, until your IT team confirms the updated behavior. If you handle regulated or contract bound information, flag this now so the controls can be checked instead of assumed.
