‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot

Microsoft recently addressed a dire artificial intelligence (AI) attack vector known as ‘EchoLeak’ that allowed for the potential unauthorized retrieval of sensitive data via its widely used Microsoft 365 Copilot feature.

The vulnerability was assigned with the identification, CVE-2025-32711.

What is EchoLeak?

EchoLeak is a sophisticated AI-driven cyber-attack technique, primarily exploiting the ‘backdoor’ vulnerabilities present in Microsoft’s AI-based language model employed in Copilot.

This malicious exploit concentrated on the suggestion engine, consequently manipulating AI responses to leak highly sensitive data.

Technical Insights into the AI Attack

Behind the scenes, the EchoLeak attackers carefully fed the AI model with a series of purposefully engineered queries, allowing them to stealthily extract sensitive information without the victim’s knowledge or consent — commonly known as zero-click attacks.

What started as seemingly benign, unrelated text manipulations gradually became a covert operation to extract high-value intel from the systems they targeted.

Further, the exploit leveraged the AI learning model’s inability to discern between public and private data.

Once the AI was fed enough carefully crafted inputs, the exploit coded responses started releasing information.

This vulnerability is a harmful by-product of ‘federated learning,’ which is intrinsic to AI-based engines like Copilot.

The Response from Microsoft

In response to this serious security flaw, Microsoft promptly released a patch to fix the underlying issues, demonstrating their proactive commitment to user security.

This action underlined their dedication to developing robust algorithms designed to stay ahead of the increasingly inventive tactics used by cybercriminals.

Microsoft also stated that it has an ongoing process of improving its AI language models for addressing the issue and reducing the risk of such attacks further.

The company also reinforced the call for an active and cautious security posture within the AI and cybersecurity community.

Practical Advice

Organizations using AI technologies need to develop regular systems for auditing AI models, which would allow them to identify and fix security flaws.

Employing AI monitoring tools can also prove advantageous in early detection and mitigation of AI-driven attacks.

With the growing number of AI-model-driven tools and services, it’s crucial that attention is paid to their security aspects to prevent the misuse of these powerful technologies.

Follow-Up Reading

For more information about AI-based cyber attacks, please visit these reliable sources:

1. AI-based Cyber Attacks: A New Challenge for the Cybersecurity World
2. How to Prepare For AI-Powered Cyber Attacks
3. Practical Black-Box Attacks against Machine Learning