Microsoft Copilot AI Bug Exposes Confidential Emails by Bypassing Security Controls

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

A bug in Microsoft 365 Copilot Chat allowed the AI assistant to access and summarize confidential emails, bypassing organizations' Data Loss Prevention (DLP) policies. This unauthorized processing of sensitive information led to privacy breaches. Microsoft acknowledged the issue, deployed a fix, and raised concerns about AI-related data security risks in workplace tools. [AI generated]

Why's our monitor labelling this an incident or hazard?

Microsoft 365 Copilot is an AI system integrated into productivity apps, and the bug caused unauthorized access to private emails, constituting a violation of privacy rights. This is a direct harm caused by the AI system's malfunction, fitting the definition of an AI Incident due to breach of obligations protecting fundamental rights. [AI generated]

AI principles
Privacy & data governance; Robustness & digital security

Industries
Digital security; IT infrastructure and hosting

Affected stakeholders
Business; Workers

Harm types
Human or fundamental rights

Severity
AI incident

AI system task:
Content generation; Interaction support/chatbots


Articles about this incident or hazard

Microsoft Copilot bug lets AI read your private emails

2026-02-19
NewsBytes
Why's our monitor labelling this an incident or hazard?
Microsoft 365 Copilot is an AI system integrated into productivity apps, and the bug caused unauthorized access to private emails, constituting a violation of privacy rights. This is a direct harm caused by the AI system's malfunction, fitting the definition of an AI Incident due to breach of obligations protecting fundamental rights.

Did Microsoft Copilot AI Read Your Private Emails Without Permission? Company Responds

2026-02-19
TimesNow
Why's our monitor labelling this an incident or hazard?
An AI system (Microsoft 365 Copilot) malfunctioned by accessing private and confidential emails without authorization. This unauthorized access directly leads to a violation of users' rights to privacy and confidentiality, which falls under violations of human rights and legal obligations protecting fundamental rights. Therefore, this event qualifies as an AI Incident due to the realized harm caused by the AI system's malfunction.

Microsoft says Office bug exposed customers' confidential emails to Copilot AI | TechCrunch

2026-02-18
TechCrunch
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot Chat) malfunctioning by incorrectly processing confidential emails, leading to unauthorized exposure of sensitive information. This directly relates to a violation of rights, specifically privacy and data protection obligations, which fits the definition of an AI Incident. The harm has already materialized as confidential emails were accessed and summarized without consent. Therefore, this is classified as an AI Incident.

A Microsoft Copilot Bug Has Been Exposing Confidential Emails -- Are You Affected?

2026-02-18
Inc.
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot) malfunctioning by bypassing data loss prevention policies and accessing confidential emails without consent. This misuse directly leads to a breach of obligations intended to protect fundamental rights related to privacy and confidentiality. Therefore, it meets the criteria of an AI Incident due to the realized harm of unauthorized exposure of confidential information caused by the AI system's malfunction.

Copilot bug allows 'AI' to read confidential Outlook emails

2026-02-18
PCWorld
Why's our monitor labelling this an incident or hazard?
An AI system (Microsoft Copilot) is explicitly involved and malfunctioning by accessing confidential emails despite protections. This malfunction directly leads to a violation of data privacy, which constitutes a breach of obligations under applicable law protecting fundamental rights, including privacy. The unauthorized reading and summarizing of confidential emails is a clear harm to individuals and organizations relying on confidentiality, thus meeting the criteria for an AI Incident. The ongoing investigation and fix rollout do not negate the realized harm from the bug.

Copilot AI was reading your private emails, confirms Microsoft: Are you safe?

2026-02-19
Digit
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot Chat) that malfunctioned by incorrectly processing confidential emails despite data loss prevention policies. This misuse of the AI system directly led to a violation of privacy and confidentiality, which constitutes a breach of obligations under applicable law protecting fundamental rights. Therefore, this qualifies as an AI Incident due to the realized harm related to unauthorized access and processing of sensitive data by the AI system.

Copilot Chat bug bypasses DLP on 'Confidential' email

2026-02-18
TheRegister.com
Why's our monitor labelling this an incident or hazard?
An AI system (Microsoft 365 Copilot Chat) is explicitly involved and malfunctioning by ignoring configured sensitivity labels and DLP policies, resulting in the unauthorized processing and summarization of confidential emails. This misuse directly leads to a breach of data confidentiality, which is a violation of rights and organizational security obligations. The harm is realized as confidential information is exposed through the AI's outputs, fulfilling the criteria for an AI Incident under violations of rights and harm to property or communities (in this case, data confidentiality).

Microsoft 365 Copilot Bug Summarized Confidential Emails Despite DLP Policies

2026-02-18
Windows Report | Error-free Tech Life
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) whose malfunction directly led to unauthorized access and processing of confidential emails, violating data protection policies and potentially users' privacy rights. This constitutes a breach of obligations under applicable law intended to protect fundamental rights (privacy and confidentiality), fitting the definition of an AI Incident. The harm is realized (unauthorized access and summarization of confidential data), not merely potential, and the AI system's malfunction is the direct cause. Therefore, this event qualifies as an AI Incident rather than a hazard or complementary information.

Microsoft 365 Copilot for Android or iOS auto-sends files to AI & OneDrive before you even realise it, instead of opening normally

2026-02-18
Windows Latest
Why's our monitor labelling this an incident or hazard?
The article explicitly involves an AI system (Microsoft 365 Copilot) that automatically uploads and processes files using AI. However, it does not describe any realized harm such as privacy breaches, unauthorized data use, or other violations. The main issue is user frustration and app functionality changes, which do not meet the threshold for harm or plausible future harm. The event is an update on how the AI system operates and its impact on user experience, fitting the definition of Complementary Information rather than an Incident or Hazard.

Microsoft says Copilot was summarizing confidential emails without permission

2026-02-18
Mashable SEA
Why's our monitor labelling this an incident or hazard?
An AI system (Copilot Chat) malfunctioned by incorrectly processing confidential emails, leading to a breach of data protection policies and potentially violating users' rights to privacy and confidentiality. This directly relates to harm under category (c) violations of human rights or breach of obligations under applicable law protecting fundamental rights. Since the bug caused actual unauthorized access and processing of sensitive data, this qualifies as an AI Incident rather than a hazard or complementary information.

Microsoft Patches Security Flaw That Exposed Confidential Emails to AI

2026-02-18
Security Boulevard
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot) malfunctioning by ignoring privacy protections and accessing confidential emails without authorization. This malfunction has directly caused harm in the form of privacy violations and breaches of data protection, which fall under violations of human rights and legal obligations. The harm is realized, not just potential, as the AI ingested and summarized confidential information. Hence, this qualifies as an AI Incident rather than a hazard or complementary information.

Microsoft's Copilot AI Caught Leaking Confidential Emails to Unauthorized Users -- And the Company Calls It a 'Bug'

2026-02-18
WebProNews
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft's Copilot) malfunctioning by bypassing permission controls and leaking confidential information to unauthorized users. This directly led to harm in the form of unauthorized disclosure of sensitive data, which constitutes a violation of privacy rights and potentially breaches legal and regulatory frameworks such as GDPR, HIPAA, and others. The AI system's role is pivotal as the summaries were generated and surfaced by the AI despite existing access controls. Therefore, this qualifies as an AI Incident due to realized harm caused by the AI system's malfunction.

Microsoft 365 Copilot Vulnerability Exposes Sensitive Emails Through AI Summaries - IT Security News

2026-02-19
IT Security News - cybersecurity, infosecurity news
Why's our monitor labelling this an incident or hazard?
Microsoft 365 Copilot is an AI assistant that processes and summarizes emails, clearly an AI system. The vulnerability causes it to incorrectly handle sensitive data, bypassing Data Loss Prevention policies and exposing confidential information. This directly leads to harm in terms of violation of privacy and confidentiality rights, fitting the definition of an AI Incident due to the realized harm from the AI system's malfunction.

Microsoft Bug Allowed Copilot to Access Confidential Emails: Report

2026-02-19
Gadgets 360
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot) malfunctioning by bypassing DLP policies and accessing confidential emails without permission. This unauthorized access constitutes a violation of privacy and data protection rights, which are fundamental rights protected by law. The harm has already occurred as confidential information was processed without consent. Therefore, this qualifies as an AI Incident due to the direct involvement of the AI system's malfunction causing harm related to privacy and legal obligations.

Microsoft Says Bug Led Copilot To Summarise Confidential Emails For Weeks

2026-02-19
NDTV Profit
Why's our monitor labelling this an incident or hazard?
The AI system involved is Microsoft's Copilot Chat, an AI-powered assistant that processes email content. The bug caused the AI to improperly access and summarise confidential emails, bypassing security controls, which directly led to a breach of confidentiality and privacy rights. This fits the definition of an AI Incident because the AI system's malfunction directly caused harm related to violations of rights and confidentiality. The event is not merely a potential risk or a complementary update but a realized harm due to AI malfunction.

Why did Microsoft 365 Copilot summarize confidential emails?

2026-02-19
AllToc
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) malfunctioning by accessing and summarizing confidential emails it should not have processed, thereby bypassing data-loss-prevention controls. This constitutes a breach of privacy and potentially a violation of obligations under applicable law protecting fundamental rights. The harm (unauthorized exposure of confidential information) has occurred, and the company has taken remediation steps. Therefore, this qualifies as an AI Incident due to the realized harm caused by the AI system's malfunction.

Why did Microsoft Copilot summarize confidential emails?

2026-02-18
AllToc
Why's our monitor labelling this an incident or hazard?
An AI system (Microsoft 365 Copilot) malfunctioned by accessing and summarizing confidential emails, bypassing security controls, which constitutes a breach of data protection and privacy rights. This directly led to potential harm through unauthorized exposure of sensitive information, fitting the definition of an AI Incident involving violation of rights and harm to property (confidential data).

Why did Copilot summarize confidential emails?

2026-02-18
AllToc
Why's our monitor labelling this an incident or hazard?
An AI system (Copilot) was involved and malfunctioned by bypassing data loss prevention controls, leading to unauthorized summarization of confidential emails. This constitutes a violation of privacy and potentially legal obligations to protect sensitive information, which fits the definition of an AI Incident due to harm related to breach of rights and confidentiality. The harm has already occurred, and the company has taken remediation steps, confirming the incident's materialization.

How did Microsoft's Copilot expose emails?

2026-02-18
AllToc
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft's Copilot) malfunctioning by summarizing internal emails that were meant to remain private, directly leading to unauthorized exposure of private information. This is a clear violation of privacy rights and confidentiality obligations, which falls under harm category (c) - violations of human rights or breach of obligations under applicable law. The incident has already occurred and persisted for several weeks, confirming realized harm rather than a potential risk. Hence, the classification as an AI Incident is appropriate.

Microsoft is uploading your confidential emails to Copilot for summarization

2026-02-18
Neowin
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) whose malfunction (a programming bug) directly led to unauthorized access and reading of confidential emails, violating privacy and security policies. This constitutes a breach of fundamental rights and obligations under applicable law, fulfilling the criteria for an AI Incident. The harm has already occurred, and the AI system's role is pivotal as it was the component that accessed and processed the confidential data improperly. The ongoing rollout of a fix does not negate the fact that harm has materialized.

Microsoft 365 Copilot Flaw Allows AI Assistant to Summarize Sensitive Emails

2026-02-18
Cyber Security News
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) whose malfunction (a code-level defect) directly leads to a breach of confidentiality controls, exposing sensitive information in violation of data protection policies. This constitutes a violation of obligations under applicable law protecting fundamental and intellectual property rights, as well as harm to organizational data security. The harm is realized or ongoing, not merely potential, as sensitive data is being processed without authorization. Therefore, this qualifies as an AI Incident due to the direct link between the AI system's malfunction and the harm caused.

Microsoft Says Office Bug Exposed Customers' Confidential Emails To Copilot AI

2026-02-18
Breaking News, Latest News, US and Canada News, World News, Videos
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot Chat) malfunctioning by improperly processing confidential emails, which constitutes a breach of privacy and confidentiality. This is a direct harm to users' rights and data security, fitting the definition of an AI Incident. The bug caused unauthorized exposure of sensitive information, which is a clear violation of obligations intended to protect fundamental rights. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

Microsoft confirmed: flaw in the Office suite leaked users' emails

2026-02-18
Olhar Digital - O futuro passa primeiro aqui
Why's our monitor labelling this an incident or hazard?
The Microsoft 365 Copilot is an AI system that processes email content to generate summaries. The described bug caused the AI to bypass configured data loss prevention policies, leading to exposure of confidential information. This directly resulted in a violation of users' data privacy rights, which falls under harm category (c) - violations of human rights or breach of obligations under applicable law protecting fundamental rights. Since the AI system's malfunction directly led to this harm, this qualifies as an AI Incident.

Microsoft Copilot Chat error sees confidential emails exposed to AI tool

2026-02-19
BBC
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot Chat) malfunctioning by improperly processing and exposing confidential email content, which is a direct violation of data protection and confidentiality rights. This meets the criteria for an AI Incident because the AI system's malfunction directly led to harm in the form of exposure of confidential information, a violation of fundamental rights and data protection obligations. The presence of the AI system is explicit, the malfunction is clear, and the harm (confidential data exposure) is realized. Therefore, this event is classified as an AI Incident.

Copilot flaw exposes the limits of confidentiality safeguards

2026-02-19
SAPO
Why's our monitor labelling this an incident or hazard?
The Microsoft 365 Copilot is an AI system designed to process and summarize organizational content, including emails. The malfunction in its code caused it to ignore configured sensitivity labels and data protection policies, leading to unauthorized processing of confidential information. This directly breaches data protection and confidentiality obligations, constituting harm to rights protected by law. The incident is not merely a potential risk but a realized breach, as the AI system processed sensitive data improperly. Hence, it meets the criteria for an AI Incident rather than a hazard or complementary information.

Microsoft confirms Copilot bug let its AI read sensitive and confidential emails

2026-02-19
Tom's Guide
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) malfunctioning by incorrectly processing confidential emails, leading to exposure of sensitive content. This constitutes a violation of obligations under applicable law intended to protect fundamental rights, specifically privacy and confidentiality. Even though Microsoft claims no unauthorized access beyond authorized users occurred, the AI system's malfunction directly led to a breach of data protection policies and potential harm to privacy. Therefore, this qualifies as an AI Incident under the framework.

Microsoft admits an Office bug exposed confidential user emails to Copilot

2026-02-19
TechRadar
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (M365 Copilot Chat) malfunctioning by improperly accessing confidential emails despite protective labels. This unauthorized access constitutes a breach of confidentiality and privacy rights, which are fundamental human rights. The harm has already occurred as confidential emails were exposed without consent. Therefore, this qualifies as an AI Incident due to the direct harm caused by the AI system's malfunction and the violation of users' rights.

Microsoft 365 Copilot Bug: Microsoft confirms Copilot bug summarising confidential emails, says: The issue was with ... | - The Times of India

2026-02-19
The Times of India
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot) malfunctioning by incorrectly accessing and summarising confidential emails, bypassing data loss prevention policies and confidentiality labels. This misuse of the AI system has directly led to a breach of privacy and confidentiality, which is a violation of rights protected under applicable law. The harm is realized, not just potential, as confidential information was processed without authorization. The company's response and ongoing remediation efforts do not negate the fact that harm has occurred. Hence, this is classified as an AI Incident rather than a hazard or complementary information.

Copilot is reading your emails too: Microsoft admits explosive error

2026-02-19
GIGA
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot) malfunctioning by bypassing security protections and accessing confidential information, which constitutes a violation of privacy and potentially human rights related to data protection. This harm has already occurred as the AI system directly led to unauthorized access and processing of sensitive data. Therefore, this qualifies as an AI Incident due to realized harm stemming from the AI system's malfunction.

Microsoft acknowledges Copilot bug that exposed confidential emails and seeks a fix | Exame

2026-02-19
Exame
Why's our monitor labelling this an incident or hazard?
The Microsoft 365 Copilot is an AI system integrated into Microsoft 365 products that uses AI to summarize content. The bug caused the AI to access and summarize confidential emails improperly, which is a direct misuse of the AI system leading to exposure of sensitive data. This exposure constitutes harm to users' rights to confidentiality and privacy, fitting the definition of an AI Incident under violations of rights. The harm has already occurred as emails were exposed, and the company is working on remediation, confirming the incident status rather than a mere hazard or complementary information.

Copilot discloses your private emails, but no matter, Microsoft keeps pushing its AI

2026-02-19
Les Numériques
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot) whose malfunction directly led to the unauthorized disclosure of confidential information, which is a violation of privacy rights and confidentiality obligations. This harm to users' privacy and potential breach of legal protections qualifies as an AI Incident under the framework. The presence of the AI system is explicit, the harm has occurred, and the malfunction is acknowledged by the company. Therefore, this event is classified as an AI Incident.

Microsoft Copilot: the AI rummaged through emails it had no right to read

2026-02-19
Frandroid
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft Copilot) malfunctioning by ignoring privacy and confidentiality rules, leading to unauthorized reading of protected emails. This constitutes a violation of fundamental rights related to privacy and confidentiality, fitting the definition of an AI Incident under violations of human rights or breach of obligations under applicable law. The harm is realized, not just potential, as the AI has already accessed sensitive data improperly. Therefore, this event qualifies as an AI Incident.

Copilot has been reading your emails for weeks without your consent - what now?

2026-02-19
Phone Arena
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft Copilot Chat) whose malfunction (a code error) caused it to bypass data loss prevention policies and access confidential emails without consent. This directly led to a violation of privacy, a breach of user rights, and thus harm as defined under AI Incident criteria. The harm is realized, not just potential, and the AI system's role is pivotal. Therefore, this qualifies as an AI Incident.

Bug in Microsoft 365 Copilot makes the AI summarize confidential emails

2026-02-19
TecMundo
Why's our monitor labelling this an incident or hazard?
The Microsoft 365 Copilot is an AI system that processes email content to generate summaries. The bug causes the AI to ignore confidentiality labels and DLP policies, leading to unauthorized processing of sensitive data. This constitutes a violation of data protection principles and potentially breaches privacy and confidentiality rights, which falls under harm to rights and possibly harm to communities. Since the AI system's malfunction directly leads to this harm, this event qualifies as an AI Incident.

Confidential email? Copilot is reading it anyway, Microsoft admits - Tecnoblog

2026-02-18
Tecnoblog
Why's our monitor labelling this an incident or hazard?
The Microsoft 365 Copilot is an AI system that processes and summarizes email content. The bug allowed the AI to bypass confidentiality labels and DLP policies, leading to unauthorized processing of sensitive information. This is a direct malfunction of the AI system causing a violation of privacy rights and potentially exposing confidential data, which fits the definition of an AI Incident under violations of human rights or breach of obligations to protect fundamental rights. Although the full scope and number of affected users are not disclosed, the harm is realized and ongoing until fully fixed. Therefore, this event qualifies as an AI Incident.

Oops, Copilot analyzed your confidential work emails

2026-02-19
Clubic.com
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft Copilot) malfunctioning due to a code error that led to unauthorized access to confidential professional emails. This breach of confidentiality and privacy rights is a direct harm linked to the AI system's malfunction. The incident has already occurred, with Microsoft acknowledging the issue and deploying a fix, indicating realized harm rather than a potential risk. Hence, it meets the criteria for an AI Incident rather than a hazard or complementary information.

When Copilot digs where it shouldn't

2026-02-19
01net
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot) whose malfunction (a code bug) directly led to unauthorized access and processing of confidential user emails, violating data protection policies and potentially users' rights to privacy and confidentiality. This constitutes a breach of obligations under applicable law protecting fundamental rights, fitting the definition of an AI Incident. The harm is realized (confidential data was accessed and summarized), not merely potential, and the AI system's malfunction is the direct cause.

Bug makes Windows Copilot display confidential emails in summaries

2026-02-19
Canaltech
Why's our monitor labelling this an incident or hazard?
The Copilot is an AI system integrated into Microsoft 365 that processes and summarizes email content. The bug caused it to inadvertently reveal confidential information, which constitutes a violation of privacy and potentially breaches data protection rights. This exposure of sensitive data is a direct harm to individuals' rights and privacy, fitting the definition of an AI Incident under violations of human rights or breach of obligations to protect fundamental rights. Therefore, this event qualifies as an AI Incident.

Check your Copilot settings after this confidential email bug

2026-02-19
Digital Trends
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) malfunctioning by bypassing configured sensitivity labels and DLP policies, leading to the AI generating summaries from confidential emails that should have been blocked. This directly implicates a breach of obligations under applicable law intended to protect fundamental and intellectual property rights, as well as potentially harming confidentiality and privacy. The harm is realized (not just potential), as sensitive information was accessible and summarized by the AI. Therefore, this qualifies as an AI Incident due to the AI system's malfunction directly leading to a breach of protections for sensitive data.

Microsoft 365's buggy Copilot 'Chat' has been summarizing confidential emails for a month -- yet another AI privacy nightmare

2026-02-19
Windows Central
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot Chat) malfunctioning by accessing and summarizing confidential emails without consent, which is a direct violation of privacy and confidentiality rights. This constitutes harm under the definition of an AI Incident, specifically a violation of human rights and breach of obligations intended to protect fundamental rights. The harm has already occurred as the bug was active for about a month. The company's response and fix rollout are complementary information but do not negate the incident itself.

Copilot is too curious: Microsoft's AI pulls data from other products, even from confidential emails

2026-02-19
CommentCaMarche
Why's our monitor labelling this an incident or hazard?
The article explicitly involves an AI system (Microsoft's Copilot) that malfunctioned by accessing confidential emails and aggregating data from multiple Microsoft services without proper user consent or adequate safeguards. This malfunction directly led to a breach of privacy, which constitutes a violation of fundamental rights and harms users. The incident is not hypothetical or potential; it has already occurred and been acknowledged by Microsoft. Therefore, it meets the criteria for an AI Incident due to the realized harm to users' privacy and rights caused by the AI system's malfunction.

A programming problem lets the Copilot AI read protected emails

2026-02-19
PhonAndroid
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Copilot) malfunctioning by accessing protected emails it should not have processed, which constitutes unauthorized access to sensitive data. This is a direct harm to privacy and confidentiality, falling under violations of rights and harm to property or communities. The AI system's malfunction directly led to this harm, making it an AI Incident rather than a hazard or complementary information. The presence of the bug and its exploitation of protected data clearly meets the criteria for an AI Incident.

Microsoft admits Copilot flaw that accessed confidential emails

2026-02-19
4gnews
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft Copilot) malfunctioning by accessing confidential emails, which constitutes a breach of privacy and a violation of rights. The harm has already occurred as the AI system read sensitive data without proper authorization. The incident is directly linked to the AI system's malfunction and its use in an enterprise context, fulfilling the criteria for an AI Incident under violations of human rights or breach of obligations to protect fundamental rights (privacy). The company's ongoing investigation and patching do not negate the realized harm.

Copilot AI Glitch Raises Alarms: Is Microsoft's Tool Reading Confidential Emails?

2026-02-19
Analytics Insight
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions an AI system (Microsoft 365 Copilot Chat) malfunctioning by improperly processing confidential emails, leading to unauthorized access and analysis of private information. This constitutes a violation of rights and a breach of obligations intended to protect fundamental rights, specifically privacy and confidentiality. Since the harm has already occurred due to the bug's operation over several weeks, this qualifies as an AI Incident rather than a hazard or complementary information.

A bug triggers the reading and summarizing of confidential emails by Copilot

2026-02-19
Génération-NT
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) malfunctioning by ignoring configured sensitivity labels and DLP policies, leading to unauthorized reading and summarization of confidential emails. This is a direct violation of data protection and privacy rights, which falls under harm category (c) - violations of human rights or breach of legal obligations protecting fundamental rights. The harm is realized, not just potential, as confidential information was accessed without authorization. Therefore, this qualifies as an AI Incident.

Microsoft Blames Bug For Copilot Exposing Confidential Emails In Summaries

2026-02-19
HotHardware
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot) malfunctioning by accessing and summarizing confidential emails despite data loss prevention labels intended to block such access. This malfunction directly caused a breach of confidentiality, which is a violation of legal and privacy rights. Although the impact appears limited and a fix is underway, the incident meets the criteria of an AI Incident because the AI system's malfunction has directly led to harm in the form of unauthorized disclosure of confidential information. Therefore, this event should be classified as an AI Incident.

Microsoft Bug Let Copilot Access Confidential Emails Without Consent

2026-02-19
PCMag UK
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Copilot Chat) malfunctioning due to a coding bug, which directly led to unauthorized access to confidential emails, violating users' privacy and data protection rights. This fits the definition of an AI Incident because the AI system's malfunction caused a breach of obligations under applicable law protecting fundamental rights (privacy and confidentiality). The involvement of the AI system is explicit, and the harm (unauthorized data access) has materialized. Therefore, this is classified as an AI Incident.

Microsoft's Copilot was secretly reading confidential emails for weeks, and what it did with them is every company's worst nightmare | Attack of the Fanboy

2026-02-19
Attack of the Fanboy
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft's Copilot Chat) malfunctioning by bypassing security policies and accessing confidential emails without permission. This misuse of AI directly leads to a violation of data privacy and security, which falls under violations of human rights or breach of applicable law protecting fundamental rights (specifically privacy and confidentiality). The harm is realized as confidential information was improperly processed, posing significant risks to affected companies. Therefore, this qualifies as an AI Incident due to the direct harm caused by the AI system's malfunction.

Copilot: Microsoft confirms a flaw in its AI that exposes confidential emails

2026-02-19
Pplware
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot) whose malfunction or misuse has directly led to harm in the form of exposure of confidential information, which constitutes harm to property and potentially breaches data protection rights. The AI system's failure to respect security controls and data classification policies caused unauthorized disclosure of sensitive data, fulfilling the criteria for an AI Incident under the definitions provided. The harm is realized, not just potential, and involves violation of confidentiality and security obligations.

Microsoft Copilot bug led to confidential emails being summarised

2026-02-19
Computing
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) that processes organizational content including emails. The bug caused the AI to access and summarize confidential emails despite safeguards, leading to unauthorized exposure of sensitive information. This constitutes a breach of obligations intended to protect fundamental rights to privacy and confidentiality, fitting the definition of an AI Incident. The harm is realized (not just potential), as confidential data was processed incorrectly. Therefore, this is classified as an AI Incident rather than a hazard or complementary information.

Michael Tsai - Blog - Outlook Copilot Bug Exposes Confidential E-mails

2026-02-19
Michael Tsai
Why's our monitor labelling this an incident or hazard?
The Microsoft 365 Copilot is an AI system used to assist with email summarization. The bug described causes the AI to access and summarize confidential emails that should have been protected by data loss prevention policies. This results in a breach of confidentiality and potentially violates privacy and data protection rights. Since the AI system's malfunction directly leads to exposure of sensitive information, this qualifies as an AI Incident under the definitions provided, specifically under violations of rights and harm to property or communities.

Microsoft Bug Let Copilot AI Read Confidential Emails for Weeks

2026-02-19
WinBuzzer
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft Copilot AI) malfunctioning by bypassing data loss prevention controls and accessing confidential emails without authorization. This led to a direct breach of privacy and confidentiality, which constitutes harm to individuals and organizations. The exposure lasted for weeks before detection and remediation began, indicating a significant realized harm. The incident fits the definition of an AI Incident because the AI system's malfunction directly caused a violation of rights and harm to property (confidential information).

Why did Microsoft Copilot expose confidential emails?

2026-02-19
AllToc
Why's our monitor labelling this an incident or hazard?
Microsoft 365 Copilot is an AI assistant integrated into Microsoft 365, performing tasks such as summarizing emails. The bug allowed it to access and summarize emails that should have been protected by DLP policies, leading to unauthorized exposure of sensitive information. This is a direct harm caused by the AI system's malfunction, impacting privacy and compliance, which falls under violations of rights and harm to communities or organizations. Therefore, this event qualifies as an AI Incident.

2026-02-19
next.ink
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) whose malfunction (a bug) directly led to unauthorized access to confidential user emails, violating data confidentiality and privacy rights. This constitutes a breach of obligations under applicable law protecting fundamental rights, specifically privacy and data protection. The harm is realized, not just potential, as confidential information was accessible and summarized by the AI. Therefore, this qualifies as an AI Incident.

Did Copilot expose confidential emails?

2026-02-20
AllToc
Why's our monitor labelling this an incident or hazard?
Microsoft 365 Copilot is an AI system that processes email content to generate summaries. The bug allowed it to access and process emails in Sent and Draft folders without proper authorization, bypassing controls designed to prevent such exposure. This unauthorized processing of sensitive data is a direct harm linked to the AI system's malfunction. Although the full scope of data exposure is not publicly known, the incident involves realized harm to confidentiality and privacy, fitting the definition of an AI Incident.

What happened with the Microsoft 365 Copilot bug?

2026-02-20
AllToc
Why's our monitor labelling this an incident or hazard?
The Copilot feature is an AI system that generates email summaries by processing mailbox content. The bug caused it to access data it should not have, bypassing DLP protections, which directly led to unauthorized exposure of user data, a violation of privacy rights and data protection obligations. This harm is realized, not just potential, and stems from the AI system's malfunction. Therefore, this qualifies as an AI Incident under the framework, specifically a breach of obligations under applicable law protecting fundamental rights.

How did Copilot summarize confidential emails?

2026-02-20
AllToc
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Copilot) malfunctioning by improperly accessing and summarizing confidential emails, which constitutes a breach of data protection and potentially a violation of privacy rights. This malfunction directly led to harm in terms of exposure of sensitive information. Therefore, it qualifies as an AI Incident due to the realized harm caused by the AI system's defect.

Microsoft admits Copilot Chat wrongly pulled confidential emails for some users

2026-02-20
storyboard18.com
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Copilot Chat) malfunctioning by accessing and summarizing confidential emails despite sensitivity labels and data loss prevention policies. This malfunction directly led to unauthorized exposure of confidential information, which is a violation of privacy and confidentiality rights, fitting the definition of harm under (c) violations of human rights or breach of obligations under applicable law. The incident is not merely a potential risk but a realized harm, as Microsoft acknowledged the error and its impact. Hence, it is classified as an AI Incident rather than a hazard or complementary information.

Bug in Microsoft 365 Copilot ignores DLP policies | SempreUpdate

2026-02-18
SempreUpdate
Why's our monitor labelling this an incident or hazard?
The Microsoft 365 Copilot is an AI system integrated into corporate applications that processes user data to generate summaries and suggestions. The bug CW1226324 causes the AI to improperly process data protected by DLP policies and sensitivity labels, which are legal and organizational safeguards for data privacy and confidentiality. This malfunction directly leads to a violation of these protections, constituting harm under the framework's category of violations of human rights or breach of obligations under applicable law (privacy and data protection). The event describes realized harm due to the AI system's malfunction, not just a potential risk, so it qualifies as an AI Incident rather than an AI Hazard or Complementary Information.

Copilot is rummaging through users' confidential emails, circumventing security measures. Microsoft calls it a bug.

2026-02-18
avalanchenoticias.com.br
Why's our monitor labelling this an incident or hazard?
An AI system (Microsoft 365 Copilot) malfunctioned by ignoring confidentiality labels and DLP policies, directly leading to unauthorized access and processing of confidential emails. This constitutes a violation of user privacy and data protection rights, which falls under harm category (c) - violations of human rights or breach of obligations under applicable law protecting fundamental rights. Since the harm has already occurred and is linked to the AI system's malfunction, this qualifies as an AI Incident.

Microsoft says a bug is causing Copilot to summarize confidential emails: an incident showing that enterprise AI and the principle of least privilege are still far from reconciled

2026-02-19
Developpez.com
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) whose malfunction (a bug in the retrieval phase) directly led to the exposure of confidential information that was supposed to be protected by security policies. This constitutes a violation of data protection and confidentiality rights, which falls under harm to human rights and legal obligations. The harm is realized and ongoing, not merely potential, and the AI system's role is pivotal as it was the component that accessed and summarized the confidential emails improperly. Hence, the classification as an AI Incident is appropriate.

2026-02-19
developpez.net
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) whose malfunction (a bug in data retrieval logic) directly caused the AI to access and summarize confidential emails despite DLP protections. This led to unauthorized exposure of sensitive information, constituting harm to privacy and potentially violating legal obligations related to data protection and confidentiality. The harm is realized and documented, affecting multiple organizations including public health entities. Therefore, the event meets the criteria for an AI Incident because the AI system's malfunction directly led to a breach of confidentiality and data protection rights.

Microsoft confirms Copilot bug exposed confidential Outlook emails: Here's what went wrong

2026-02-19
Techlusive
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) malfunctioning by bypassing DLP policies and processing confidential emails, which directly led to a breach of privacy and security. This fits the definition of an AI Incident because the AI system's malfunction caused harm related to violations of privacy and potentially legal obligations to protect confidential information. The harm is realized, not just potential, and the company has responded with a fix, but the incident itself is a clear case of AI-related harm.

A bug in Microsoft 365 Copilot allowed it to summarize confidential emails

2026-02-19
next.ink
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) malfunctioning by bypassing security measures designed to protect confidential information. This malfunction directly led to unauthorized access and processing of confidential emails, which constitutes a violation of data protection and privacy rights, falling under harm category (c) - violations of human rights or breach of obligations under applicable law protecting fundamental rights. The harm is realized, not just potential, as confidential data was processed incorrectly. Therefore, this qualifies as an AI Incident.

What caused Microsoft Copilot to summarize confidential emails?

2026-02-19
AllToc
Why's our monitor labelling this an incident or hazard?
The AI system (Microsoft 365 Copilot) malfunctioned by accessing and summarizing confidential emails it should not have processed, directly leading to unauthorized exposure of sensitive data. This constitutes a breach of obligations under applicable law protecting privacy and confidentiality, thus qualifying as an AI Incident. The company has fixed the issue, but the harm occurred due to the AI system's malfunction and improper data handling.

Microsoft Copilot confidential emails shock: alarming privacy flaw exposed

2026-02-19
Pune Mirror
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot Chat) that malfunctioned by improperly processing confidential emails, leading to unauthorized access and summarization of sensitive data. This constitutes a breach of privacy and data protection obligations, which are legal protections of fundamental rights. The harm has already occurred as confidential information was exposed without proper permission. The incident stems from a coding error (malfunction) in the AI system's development or deployment. Given the direct link between the AI system's malfunction and the privacy harm, this is classified as an AI Incident rather than a hazard or complementary information.

Microsoft Copilot bug saw AI snoop on confidential emails -- after it was told not to

2026-02-19
IT Pro
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot) malfunctioning by ignoring sensitivity labels and data loss prevention (DLP) policies, leading to unauthorized access to confidential emails. This misuse of AI directly results in a breach of privacy and confidentiality, which falls under violations of human rights and legal obligations protecting fundamental rights. The harm has already occurred as the AI processed sensitive data it was not supposed to access. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

Microsoft Confirms Copilot Bug Let AI Summarize Confidential Emails

2026-02-20
ExtremeTech
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot Chat) malfunctioning by ignoring data loss prevention policies, which led to a breach of confidentiality protections on sensitive emails. This constitutes a violation of obligations under applicable law intended to protect fundamental rights related to privacy and data protection, thus meeting the criteria for an AI Incident. The harm is indirect but real, as confidential information was processed in violation of policies, even if not exposed to unauthorized users. Therefore, this is classified as an AI Incident rather than a hazard or complementary information.

Microsoft Copilot Chat exposes confidential emails of users: Report

2026-02-20
Business Standard
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system, Microsoft 365 Copilot Chat, which is a generative AI tool integrated into workplace applications. The malfunction caused the AI to access and summarize confidential emails improperly, breaching data protection policies and exposing sensitive information. This directly led to harm in terms of violation of confidentiality and privacy rights, fitting the definition of an AI Incident. The company's response and fix are noted but do not negate the fact that harm occurred due to the AI system's malfunction.

Microsoft fixes an embarrassing bug that summarized confidential emails

2026-02-21
Journal du Geek
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) malfunctioning by ignoring confidentiality labels and summarizing sensitive emails, which directly breaches data protection and confidentiality rights. This is a clear violation of obligations under applicable law protecting fundamental rights, specifically privacy and confidentiality. The harm has already occurred as the AI system processed confidential data without authorization. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

Microsoft Copilot collected confidential emails even though it was not supposed to

2026-02-20
PC-WELT
Why's our monitor labelling this an incident or hazard?
The Microsoft 365 Copilot is an AI system integrated into multiple Office applications that processes user emails to provide summaries and assistance. The malfunction caused it to bypass configured confidentiality labels and DLP policies, directly leading to unauthorized access and processing of sensitive information. This constitutes a violation of user privacy and data protection rights, which falls under harm category (c) - violations of human rights or breach of obligations under applicable law protecting fundamental rights. Since the harm has already occurred due to the AI system's malfunction, this event qualifies as an AI Incident rather than a hazard or complementary information.

Microsoft Copilot ignored sensitivity labels twice in eight months -- and no DLP stack caught either one

2026-02-20
VentureBeat
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft Copilot) whose malfunction and exploitation led to unauthorized access and exfiltration of sensitive and confidential data, including in regulated healthcare environments. This constitutes a violation of legal obligations protecting data privacy and intellectual property rights, fulfilling the criteria for harm under AI Incident definition (c). The involvement of the AI system is direct, as the failures occurred within its retrieval and inference pipelines, and the harm is realized, not merely potential. The advisory also details the failure of security tools to detect these breaches, emphasizing the AI system's pivotal role in the incident. Hence, the classification as an AI Incident is appropriate.

Copilot: when Microsoft's AI summarizes confidential emails without authorization

2026-02-20
Economie Matin
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot Chat) malfunctioning by ignoring DLP policies and processing confidential emails without authorization. This directly leads to a breach of confidentiality and regulatory compliance, which is a violation of rights and a harm to the affected organizations and individuals. The AI system's malfunction is the pivotal cause of this harm, meeting the criteria for an AI Incident under the OECD framework.

Microsoft Error Sees Confidential Emails Exposed to AI Tool Copilot

2026-02-20
Digit
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot Chat) malfunctioning by accessing and summarizing confidential emails despite protections intended to prevent this. This malfunction directly led to exposure of confidential information, which is a violation of data protection and confidentiality rights, thus constituting harm under the category of violations of human rights or breach of obligations under applicable law. Therefore, this qualifies as an AI Incident because the AI system's malfunction directly caused harm related to confidentiality breaches. The company's fix and monitoring are complementary information but do not negate the incident classification.

Microsoft's Copilot AI Read Your Confidential Emails -- And Lawyers Should Be Paying Attention

2026-02-21
LawFuel
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot Chat) whose malfunction (a bug) caused it to bypass data loss prevention policies and access confidential emails without proper authorization. This directly led to a breach of privacy and confidentiality, which are protected rights under legal and regulatory frameworks. The harm is realized, not just potential, as confidential information was processed without consent or safeguards. The incident affects legal professionals and organizations with high confidentiality requirements, indicating significant harm. Microsoft's fix and statements do not negate the fact that the AI system's malfunction caused the breach. Hence, this is an AI Incident rather than a hazard or complementary information.

Google boss says research needed on AI threats, Microsoft confirms private emails read by Copilot AI - Tech Digest

2026-02-20
Tech Digest
Why's our monitor labelling this an incident or hazard?
The Microsoft Copilot AI bug involved the AI system reading and summarizing confidential emails without permission, directly violating data privacy and security, which is a breach of fundamental rights and obligations under applicable law. This harm is realized and directly linked to the AI system's malfunction. The phishing campaign, while harmful, does not explicitly involve AI systems. Other parts of the article discuss calls for research, regulation, and new AI model releases, which are either complementary information or unrelated. Hence, the overall classification is AI Incident based on the Copilot AI bug.

Microsoft Copilot Chat Pulled Confidential Emails - What Went Wrong & How To Protect Your Data

2026-02-20
Qrius
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot Chat) whose malfunction (a configuration error) directly led to the unauthorized access and summarization of confidential emails. This is a clear breach of data protection expectations and potentially legal obligations concerning privacy and confidentiality. The harm is realized, not just potential, as confidential information was accessed improperly. Hence, it meets the criteria for an AI Incident rather than a hazard or complementary information.

What caused Microsoft Copilot to leak emails?

2026-02-20
AllToc
Why's our monitor labelling this an incident or hazard?
Microsoft 365 Copilot is an AI system integrated into Microsoft 365 productivity tools. The bug allowed the AI to access and summarize protected email content, effectively bypassing security policies designed to prevent data leakage. This malfunction directly led to potential harm by exposing confidential information, which is a violation of privacy and data protection rights. Therefore, this event qualifies as an AI Incident because the AI system's malfunction directly caused a breach of obligations intended to protect fundamental rights (privacy and data protection).

Microsoft admits Copilot error exposed some confidential emails

2026-02-20
The Daily Ittefaq
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot Chat) that malfunctioned by accessing and summarizing confidential emails, which is a direct consequence of the AI system's operation. The harm is realized as confidential information was exposed internally, violating data protection and confidentiality obligations. Although Microsoft states that unauthorized access by other users did not occur, the AI system's behavior breached expected privacy safeguards, constituting harm to rights protected under applicable law. Hence, this is an AI Incident rather than a hazard or complementary information.

What caused Microsoft 365 Copilot to expose emails?

2026-02-20
AllToc
Why's our monitor labelling this an incident or hazard?
The event involves a malfunction of an AI system (Microsoft 365 Copilot) that directly led to a breach of data protection policies, exposing sensitive email content. This constitutes a violation of privacy and potentially legal obligations related to data protection, fitting the definition of an AI Incident due to harm to rights and privacy. The bug caused the AI system to access and summarize content it should not have, directly leading to harm through exposure of sensitive information.

Microsoft 365: A bug allowed Copilot to "read" confidential emails

2026-02-20
Actualités technologiques et startups au Sénégal et en Afrique
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot) malfunctioning by processing confidential emails it should have excluded, thus breaching data protection policies. This malfunction directly led to the synthesis of confidential content, constituting a violation of privacy and confidentiality rights. The harm is realized, not just potential, as the AI system did process and summarize sensitive emails incorrectly. Therefore, this qualifies as an AI Incident due to the direct link between the AI system's malfunction and the breach of confidentiality obligations.

Copilot under scrutiny: vulnerability in Microsoft Office compromises email privacy

2026-02-20
infobae
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft 365 Copilot) whose malfunction (a coding error) caused it to process and summarize confidential emails that should have been protected, directly leading to a violation of privacy and data protection policies. This constitutes a breach of obligations intended to protect fundamental rights (privacy) and harm to property or communities (confidential information). The harm has already occurred, making this an AI Incident rather than a hazard or complementary information. The article also mentions mitigation efforts but the primary focus is on the realized harm due to the AI system's malfunction.

Be careful if you use Copilot: a Microsoft Office error has exposed confidential emails

2026-02-19
20 minutos
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot) malfunctioning by processing confidential emails that should have been protected, leading to exposure of sensitive information. This directly results in a violation of privacy rights and confidentiality obligations, fitting the definition of an AI Incident due to harm caused by the AI system's malfunction. The harm is realized, not just potential, as confidential data was accessed and summarized improperly.

Microsoft acknowledges an error that lets Copilot summarize emails...

2026-02-18
europa press
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft Copilot) malfunctioning by accessing confidential email content it should not have accessed. This unauthorized access and summarization of confidential emails is a direct harm to privacy and confidentiality, which falls under violations of human rights or breach of legal obligations protecting fundamental rights. Since the harm has already occurred and is directly linked to the AI system's malfunction, this qualifies as an AI Incident rather than a hazard or complementary information.

Microsoft confirms a flaw in its AI that exposes confidential emails

2026-02-18
Hipertextual
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Microsoft Copilot) malfunctioning by ignoring security labels and accessing confidential emails, leading to unauthorized exposure of sensitive information. This constitutes a violation of data protection and privacy rights, which falls under harm to human rights and breach of legal obligations. The harm has already occurred as confidential data was exposed internally without consent. Therefore, this qualifies as an AI Incident due to the direct harm caused by the AI system's malfunction.

The Microsoft 365 Copilot Chat flaw that let "confidential" emails slip out, and what it teaches about AI in the office

2026-02-21
WWWhat's new
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Microsoft 365 Copilot Chat) malfunctioning by improperly accessing and summarizing confidential email content despite sensitivity labels and data loss prevention policies. This behavior constitutes a breach of expected confidentiality and data protection, which can be considered a violation of obligations under applicable law protecting fundamental and labor rights (privacy and data protection). The harm is realized in terms of reputational and operational impact on organizations and potential exposure of sensitive information, even if no unauthorized external access occurred. Therefore, this qualifies as an AI Incident due to the direct link between the AI system's malfunction and harm related to confidentiality and data protection.