But that's not what is being presented, here. This post just presents a simple permission misconfiguration or not using the correct tools for the data with the given system (Sensitivity Labels on M365).
If there was a breakout of Copilot in M365 to produce data you lacked permission to, that would be a worthy blog post (hopefully after the bug bounty was processed).
If there was a breakout of Copilot in M365 to produce data you lacked permission to, that would be a worthy blog post (hopefully after the bug bounty was processed).