Lasso Security reported that Microsoft Copilot could return content from GitHub repositories that had been public briefly but later set to private or deleted. Lasso attributed this to Bing's caching system, which stored "zombie data" from over 20,000 repositories. The cached content allegedly included sensitive information such as access keys, tokens, and internal packages. Microsoft reportedly classified the issue as low severity and applied only partial mitigations.