Warning about credit card information in outgoing email

Question

I received the following email message from MS Outlook when I sent my credit card information to a vendor. Was the original email sent or not? If it was sent, it's too late for the action item in the warning. If it was not sent, it should be clearly noted and there should be an easy way to elect to resend it.

"You shared content that contains 1 or more credit card numbers with people outside your organization. Consider removing the numbers or make sure it's OK that everyone you're sharing with can view them."

Answer 1

The notification indicates that the message containing the credit card number was already sent. The warning is informational and comes from a data loss prevention (DLP) policy that detects credit card numbers in content shared via email and then alerts the sender so they can change behavior going forward.

The action item in the warning (for example, removing the numbers or changing how they are shared) applies to future messages or to any follow‑up steps taken after realizing sensitive data was sent. It does not hold or block the original email by default; the email has already reached the recipients.

If the content should not have been shared, the next steps are:

• Contact the recipients and ask them to delete the message.
• Work with the organization’s admin if stronger DLP actions (such as blocking or encrypting such messages) are desired in the future.

---

References:

• Help prevent sharing credit card numbers through email