
Microsoft Copilot flaw exposes thousands of private GitHub repositories
Cyber startup Lasso revealed that Microsoft's AI-powered tools inadvertently leaked sensitive corporate data from major companies, raising new security concerns.
A newly uncovered security flaw has exposed thousands of private GitHub repositories belonging to major corporations, including IBM, Google, Tencent, PayPal, and Microsoft itself. The issue, identified by Israeli cybersecurity firm Lasso, stems from the caching mechanisms behind Microsoft Copilot and Bing: repositories that had been public, even briefly, were cached by Bing, and Copilot could still return their contents after they had been made private.
The exposure, which affected over 16,000 organizations, revealed entire confidential archives containing intellectual property, access keys, and security tokens. In some cases these credentials were still valid and granted unauthorized access to corporate environments, raising serious concerns about data protection in an era where artificial intelligence tools increasingly handle proprietary information.
AI Tools and Unintended Data Exposure
Lasso’s research team first detected the flaw when their own private GitHub repository surfaced in Microsoft Copilot results and turned out to have been indexed by Bing. Investigating further, they found the problem was widespread: more than 20,000 GitHub repositories were retrievable this way, over 100 internal software package names were exposed (an enabler for dependency confusion, in which an attacker publishes a public package under an internal name so that build tooling pulls the attacker’s copy), and at least 300 private credentials for platforms such as GitHub, OpenAI, and Google Cloud were exposed.
The incident highlights an emerging risk associated with AI-powered tools that aggregate and process vast amounts of data. Unlike traditional search engines, AI models can retain and recombine information in ways that are not always transparent. “Modern organizations must now operate under the assumption that any data leaving their network, even if public only momentarily, can be ingested by AI engines and search systems, making it permanently accessible,” warned Ophir Dror, Chief Product Officer and co-founder at Lasso.
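The practical consequence of the findings above is that a secret which was ever committed to a repository that was public, even briefly, has to be treated as compromised, regardless of whether the repository was later made private or the secret was later deleted from the working tree. The following is an added example, not Lasso’s tooling and not code from the article: it scans `git log -p` style output for the credential formats the article names (the well-known `ghp_`, `sk-` and `AIza` prefixes; the lengths after each prefix are assumptions based on current public formats) and reports every hit, including lines that a later commit removed, so that all of them end up on the rotation list. The sample log is constructed for the example.

```python
"""Scan git history output for credentials, including ones later deleted.

Added example for this article; not Lasso's tooling.  Feed it the output of
`git log -p --all` (or any unified diff).  A secret that appears only on a
removed ("-") line is still in every clone and in whatever search cache or
model ingested the repository while it was public, so it still needs rotation.
"""
import re
from collections import namedtuple

Finding = namedtuple("Finding", "kind commit path line_no removed value")

# Prefix heuristics for the credential types named in the article.  Suffix
# lengths are assumptions matched to current public formats, not authoritative.
PATTERNS = {
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "openai_key": re.compile(r"\bsk-(?:proj-)?[A-Za-z0-9_-]{20,}"),
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z_-]{35}"),
}

COMMIT_RE = re.compile(r"^commit ([0-9a-f]{7,40})")
FILE_RE = re.compile(r"^\+\+\+ b/(.+)")
HUNK_RE = re.compile(r"^@@ -(\d+)(?:,\d+)? \+(\d+)(?:,\d+)? @@")


def scan_git_log(text):
    """Return a Finding for every credential on an added or removed diff line."""
    findings = []
    commit = path = None
    old_no = new_no = 0
    for raw in text.splitlines():
        if m := COMMIT_RE.match(raw):
            commit = m.group(1)
            continue
        if m := FILE_RE.match(raw):
            path = m.group(1)
            continue
        if m := HUNK_RE.match(raw):
            old_no, new_no = int(m.group(1)), int(m.group(2))
            continue
        if raw.startswith("--- "):  # old-file header ("--- a/x" or "--- /dev/null")
            continue              # (a removed line starting with "-- " would be skipped too)
        if raw.startswith("+"):
            removed, body, line_no = False, raw[1:], new_no
            new_no += 1
        elif raw.startswith("-"):
            removed, body, line_no = True, raw[1:], old_no
            old_no += 1
        elif raw.startswith(" "):  # unchanged context: counted, not scanned
            old_no += 1
            new_no += 1
            continue
        else:
            continue
        for kind, pat in PATTERNS.items():
            for hit in pat.finditer(body):
                findings.append(Finding(kind, commit, path, line_no, removed, hit.group(0)))
    return findings


def secrets_to_rotate(findings):
    """Unique (kind, value) pairs; deleted secrets are included on purpose."""
    return sorted({(f.kind, f.value) for f in findings})


def redact(value):
    return value[:8] + "..." + value[-4:]


# Constructed sample: commit 0f9e... added three keys; commit 1a2b... removed
# one of them and switched to an environment variable.  Newest commit first.
SAMPLE_LOG = """\
commit 1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b
Author: dev <dev@example.com>
Date:   Mon Jan 6 10:00:00 2025 +0000

    remove leaked token

diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1,4 +1,4 @@
 import os
-GITHUB_TOKEN = "ghp_AbCdEfGhIjKlMnOpQrStUvWxYz0123456789"
+GITHUB_TOKEN = os.environ["GITHUB_TOKEN"]
 OPENAI_KEY = "sk-proj-abcdefghijklmnopqrstuvwxyz012345"
 GOOGLE_KEY = "AIzaSyA1234567890abcdefghijklmnopqrstuv"
commit 0f9e8d7c6b5a4f3e2d1c0b9a8f7e6d5c4b3a2f1e
Author: dev <dev@example.com>
Date:   Fri Jan 3 09:00:00 2025 +0000

    add integration config

diff --git a/config.py b/config.py
--- /dev/null
+++ b/config.py
@@ -0,0 +1,4 @@
+import os
+GITHUB_TOKEN = "ghp_AbCdEfGhIjKlMnOpQrStUvWxYz0123456789"
+OPENAI_KEY = "sk-proj-abcdefghijklmnopqrstuvwxyz012345"
+GOOGLE_KEY = "AIzaSyA1234567890abcdefghijklmnopqrstuv"
"""

if __name__ == "__main__":
    found = scan_git_log(SAMPLE_LOG)
    for f in found:
        state = "REMOVED (still compromised)" if f.removed else "added"
        print(f"{f.kind:15} {f.commit[:8]} {f.path}:{f.line_no} {state} {redact(f.value)}")
    print("rotate:", [(k, redact(v)) for k, v in secrets_to_rotate(found)])
```

On a real repository, run `git log -p --all | python scan.py` after adapting the entry point to read stdin; `--all` matters because a secret that was only ever on a deleted branch is still in the history that was public. The rotation list deliberately ignores the `removed` flag: the "remove leaked token" commit in the sample is exactly the kind of cleanup that makes a repository look clean while the token remains in every cached copy.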
Microsoft’s Response and the Growing AI Security Challenge
Lasso reported the vulnerability to Microsoft in November 2024. By January 2025, Microsoft had updated its security policies to restrict public access to Bing’s cache, closing off the route by which the cached repositories could be retrieved. That stops new retrieval; it does not undo what was already fetched, so any credential that ever sat in an exposed repository should be treated as compromised and rotated. The response also underscores a broader issue: the rapid integration of AI into enterprise workflows is outpacing the security measures designed to protect sensitive data.
Cybersecurity researchers warn that this type of exposure represents a new attack vector. “A single prompt could unintentionally leak sensitive corporate information,” said Lasso security researcher Bar Lanyardo. “Companies must recognize that protecting and sanitizing outgoing data streams is more critical than ever.”