Subj : Microsoft Copilot has access to three million sensitive data reco
To   : All
From : TechnologyDaily
Date : Sat Sep 27 2025 13:15:09

Microsoft Copilot has access to three million sensitive data records per 
organization, wide-ranging AI survey finds - here's why it matters

Date:
Sat, 27 Sep 2025 12:03:00 +0000

Description:
Microsoft Copilot found to have accessed millions of business records per 
organization as data sharing risks grow across industries.

FULL STORY
======================================================================Confiden
tial company information accounts for most data being shared across 
industries Copilot accessed millions of business records and thousands of 
interactions per organization Duplicate, stale, and orphaned records compound 
oversharing risks and weaken enterprise data protection 

Microsoft Copilot is interacting with more sensitive data than many 
organizations realize, new research has warned. 

 Concentric AI s 2025 Data Risk Report found Copilot accessed almost three 
million confidential records per organization in the first half of this year 
alone. 

For context, that figure represents roughly 55% of all files being shared 
externally. Major risks 

The findings are based on aggregated data from Concentric AI customers across 
industries including technology, healthcare, government, and financial 
services. 

The report noted confidential company information makes up the majority of 
files being shared across businesses. 

On average, 57% of organization-wide shared data contained some form of 
privileged information. In financial services and healthcare that figure was 
closer to 70%. 

Organizations are also leaving large amounts of data exposed. 

An average of two million critical business records per organization were 
shared with no restrictions, working out to about half of unrestricted data 
overall. 

More than 400,000 records on average were shared with personal accounts, and 
over 60 percent of those included confidential information. 

Copilot activity is adding to these worries. The report found organizations 
averaged more than 3,000 interactions with Copilot, during which sensitive 
business information could potentially be modified or exposed. 

This all illustrates the risk enterprises face when securing valuable data as 
GenAI becomes further integrated into daily operations. 

The report also pointed to broader data management problems, including 
duplicate, stale, and orphaned records. 

Organizations in the survey sample held an average of 10 million duplicate 
data records and nearly seven million older than 10 years. Orphaned and 
inactive user data accounted for millions more. 

Oversharing, excessive permissions and uncontrolled GenAI use combine to 
increase risk, and without stronger governance, Concentric AI says 
organizations could struggle to protect intellectual property, financial 
information and personal data. You might also like Masked, not erased: how 
broken redaction fuels AI data leaks Microsoft Copilot targeted in first 
zero-click attack on an AI agent AI: What they dont tell you (but you need to 
know)



======================================================================
Link to news story:
https://www.techradar.com/pro/microsoft-copilot-has-access-to-three-million-se
nsitive-data-records-per-organization-wide-ranging-ai-survey-finds-heres-why-i
t-matters


--- Mystic BBS v1.12 A49 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.