Let's say a user in a SharePoint site goes to a folder and "Shares" it with someone using the "People in <organization> can edit" scope. Obviously, in the Share dialog, they are prompted to specify a recipient, so whoever they include will get the email with the link. I understand that org-scoped links can be forwarded to and will work for anyone within the org. However, should the presence of that link alsocause the folder or any files within to appear in the "Discover" views strewn about Office 365 (in OneDrive, Delve, Outlook mobile, etc.)?
We have a situation where someone did just that, then a student reported seeing a file pop up in Discover on their iPhone. I know the answer is to go back in time and tell them to NOT create that sharing link, but since that's not possible (yet), I'm stuck trying to explain how the student got visibility to the files in that folder.