Exchange Online: Sudden mass quarantine of legitimate emails (tenant‑wide impact)

Hello,

Since last Thursday , we have been experiencing a sudden and significant increase in quarantined emails across our Exchange Online tenant.

Key observations:

- Hundreds of legitimate emails are being quarantined every day

- The issue appears tenant‑wide and affects multiple senders and recipients

- No recent configuration changes were made (Exchange mail flow rules, Defender for Office 365 policies, or security presets)

- Messages are being classified as spam/phish even though they are clearly legitimate

- Manual release is currently required, which is operationally unsustainable and error‑prone

- Business‑critical communications are being delayed or missed as a result

We have an active Microsoft support case open, but the root cause is still unclear.

I would like to ask the community:

- Are other Exchange Online tenants seeing a similar spike in quarantined legitimate emails since last week?

- Has Microsoft acknowledged any backend or filtering model changes or service issues related to quarantine or Defender for Office 365?

Any confirmation or shared experiences would be greatly appreciated, as we are trying to determine whether this is an isolated tenant issue or a broader service‑related problem.

Thank you.