Imagine your super smart robot helper at work starts reading your private diary. Not because it is nosy, but because someone forgot to lock the door?
That’s basically what happened with Microsoft Copilot this month.
Since January 21, a bug inside Microsoft 365 Copilot Chat caused it to read and summarize emails marked "confidential." We’re talking about business contracts, legal docs, and HR discussions sitting in the Sent and Drafts folders. Copilot completely ignored the privacy rules companies set up to stop exactly this from happening.
Microsoft confirmed the bug (tracked as CW1226324) and started rolling out a fix in early February. But as of this week, the fix still hasn't reached every customer, and Microsoft is being very quiet about how many companies were impacted.
😬 Why this is a total gut-punch for AI adoption
The Safety Nets Failed: Microsoft spent over a year building "enterprise-grade" controls to keep AI away from sensitive data. This incident showed those controls can fail for weeks before anyone notices.
Copilot's value depends entirely on its ability to access and synthesize information across a user's documents and communications. But that same capability creates serious security risks if the system cannot reliably distinguish between what it should process and what is protected by organizational policy.
It hit the most sensitive emails first. Sent Items and Drafts folders are where the juiciest stuff lives, we’re talking: NDAs, layoff discussions, legal strategy, client negotiations, medical records, And while the breach wasn’t a full data collapse, its surgical precision makes it more unsettling, especially now that enterprise AI adoption was finally gaining real momentum after years of hype
Legal Exposure: Under GDPR and CCPA, companies might have to tell partners, customers, and regulators if protected data was processed without permission. The problem? Microsoft hasn't given companies a way to prove what was read and what wasn't, meaning they can't even prove if a breach happened.
The European Parliament already saw this coming: Earlier this month, the EU Parliament's IT department actually blocked AI features on lawmakers' devices. They cited concerns about confidential data hitting the cloud. It turns out they were right.
🛡️ The "Damage Control" Checklist
If your company uses Copilot, security experts recommend doing this right now:
Audit Your Logs: Look at your Purview and Copilot activity from January 21 to now. Search for any queries that pulled data from Sent Items or Drafts.
Hit the Pause Button: Consider disabling Copilot Chat for high-risk users (HR, Legal, C-Suite) until the fix is 100% confirmed.
Request Evidence: Ask Microsoft for an "evidence package" including interaction logs so you can see if your data was actually touched.
The Big Picture:
This isn't just a Microsoft bug; it is a stress test for the entire AI industry. Companies have been told it is safe to give AI the keys to the castle because "safeguards exist."
The fact that it took weeks to acknowledge this suggests that AI "behavior monitoring" is still in the toddler phase. And hey, nothing slows the AI train like a bot quietly reading the CEO’s private emails.
The Lesson: Just because a robot can read your emails doesn't mean it should actually read your emails.
Be safe out there (and stay private).
