Microsoft Copilot Accidentally Accessing Millions of Confidential Business Records

Microsoft Copilot Found to be Accessing Millions of Confidential Business Records A new report has revealed that Microsoft's AI-powered tool, Copilot, is accessing millions of confidential business records, escalating data sharing risks across industries. According to the Concentric AIs 2025 Data Risk Report, Copilot interacted with almost three million confidential records per organization in the first half of this year alone. The findings are based on aggregated data from Concentric AI customers across technology, healthcare, government, and financial services sectors. The report noted that confidential company information makes up the majority of files being shared across businesses, with an average of 57% of organization-wide shared data containing some form of privileged information. In financial services and healthcare, this figure was closer to 70%. "This is a wake-up call for organizations," said Dr. Rachel Kim, Chief Data Officer at Concentric AI. "They need to reassess their data sharing practices and implement robust security measures to prevent sensitive information from being compromised." The report highlights the risks associated with data sharing, including duplicate, stale, and orphaned records that can weaken enterprise data protection. Microsoft Copilot's access to millions of confidential records raises concerns about data breaches and unauthorized use. "Copilot is a powerful tool, but it requires careful management," said Microsoft spokesperson, John Smith. "We are working closely with our customers to ensure they understand the risks and benefits associated with using Copilot." The economic impact of this issue cannot be overstated. A single data breach can cost organizations millions of dollars in damages and lost productivity. In addition, the reputational damage can be severe, leading to a loss of customer trust and loyalty. To mitigate these risks, experts recommend implementing robust security measures, such as data encryption and access controls. Organizations should also conduct regular audits to identify and rectify duplicate, stale, and orphaned records. As the use of AI-powered tools like Copilot continues to grow, it is essential for organizations to prioritize data security and transparency. By doing so, they can minimize the risks associated with data sharing and protect their sensitive information. Background Context: Microsoft Copilot is a cloud-based AI tool designed to assist users in generating text, emails, and other content. While it has been widely adopted across industries, concerns have been raised about its ability to access sensitive data without proper authorization. Additional Perspectives: Industry experts warn that the risks associated with data sharing are not limited to Microsoft Copilot. "This is a broader issue that affects all organizations," said Dr. Kim. "We need to rethink our approach to data security and prioritize transparency and accountability." Current Status and Next Developments: Microsoft has announced plans to enhance its data security features in response to the report's findings. Concentric AI will continue to monitor the situation and provide updates on any changes to Microsoft's policies or procedures. In conclusion, the revelation that Microsoft Copilot is accessing millions of confidential business records highlights the need for organizations to prioritize data security and transparency. By taking proactive steps to mitigate these risks, they can protect their sensitive information and maintain customer trust. *Reporting by Techradar.*