MC1199763 – M365 Change Digest

One-line summary

Microsoft Purview Data Security Investigations adds a purge action for admins to quickly delete sensitive or overshared content during investigations, available by default and respecting existing policies.

Similar updates

Details

RoadmapIds

542930

Summary

Microsoft Purview Data Security Investigations will add a new purge mitigation action by early 2026, allowing admins to delete sensitive or overshared content during investigations. Enabled by default, it respects existing policies and requires no prior admin action. Security teams should be informed and documentation updated accordingly.

Platforms

Web

Body (from Message Center)

[Introduction]

We’re introducing a new purge mitigation action in Microsoft Purview Data Security Investigations (DSI). This feature enables admins to quickly and efficiently delete sensitive or overshared content during investigations, directly within the product experience. The purge action complements DSI’s AI-powered capabilities—such as categorization, AI search, and risk analysis—helping organizations reduce data exposure and mitigate leaks faster.

This message is associated with Microsoft 365 Roadmap ID 542930.

[When this will happen:]

Public Preview: Rollout will begin in early January 2026 and complete by mid-January 2026.
General Availability (Worldwide): Rollout will begin in early March 2026 and complete by late March 2026.

[How this affects your organization:]

Who is affected: Admins using Microsoft Purview Data Security Investigations.
What will happen:
- A new purge mitigation action will be available in the DSI interface.
- Admins can delete content matching investigation search queries to mitigate oversharing or sensitive data exposure.
- The feature is enabled by default; no configuration changes are required.
- Existing admin policies (DLP, retention, labels) remain respected.

[What you can do to prepare:]

No admin action is required before rollout.
Consider notifying your security and compliance teams about this new capability.
Update internal documentation if you detail DSI workflows.

Learn more:

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Raw JSON (for debugging)

Expand/collapse the full payload below.

Show/hide raw

{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": "2026-01-01T00:00:00Z",
    "ai_actions": [
      "Notify security and compliance teams",
      "Update internal DSI documentation"
    ],
    "ai_master_tags": [
      "Security"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "Microsoft Purview Data Security Investigations adds a purge action for admins to quickly delete sensitive or overshared content during investigations, available by default and respecting existing policies.",
    "ai_topics": [
      "Purview"
    ],
    "category": "stayInformed",
    "details_map": {
      "Platforms": "Web",
      "RoadmapIds": "542930",
      "Summary": "Microsoft Purview Data Security Investigations will add a new purge mitigation action by early 2026, allowing admins to delete sensitive or overshared content during investigations. Enabled by default, it respects existing policies and requires no prior admin action. Security teams should be informed and documentation updated accordingly."
    },
    "id": "MC1199763",
    "importance": 4,
    "is_major_change": false,
    "last_modified": "2025-12-18T23:39:24Z",
    "ms_products": [
      "Purview"
    ],
    "platforms": "Web",
    "roadmap_ids": [
      "542930"
    ],
    "services": [
      "Microsoft Purview"
    ],
    "severity": "normal",
    "tags": [
      "New feature",
      "Admin impact"
    ],
    "title": "Microsoft Purview | Data Security Investigations \u2013 Introducing new purge mitigation action"
  }
}