Microsoft Copilot Ignored Sensitivity Labels, Processed Confidential Emails

A code error in Copilot Chat’s “Work” tab allowed the AI to pull emails from users’ Sent Items and Drafts folders — even when those emails carried confidentiality labels and had DLP rules explicitly ...

Microsoft Copilot ignored sensitivity labels twice in eight months — and no DLP stack caught either one

Microsoft's CW1226324 advisory confirms Copilot bypassed sensitivity labels and DLP policies for four weeks. Combined with EchoLeak (CVE-2025-32711), it reveals a structural blind spot in enterprise ...

Check your Copilot settings after this confidential email bug

Microsoft says a Copilot "work tab" bug summarized confidential emails from Sent Items and Drafts despite labels and DLP. A fix is rolling out, but scope details are missing, so admins should validate ...
Kaleido Scope

Coming soon: Microsoft sensitivity labels

UAB IT employees are testing labels in Microsoft 365 apps to help identify classification of data. As a result of this pilot, you may see labels on documents shared with you by UAB IT employees.