Assigning a non-member to a task in planner adds them to the O365 group, without any security disclaimer
If you assign a person a task in Planner who isn't a member of the team, they automatically get added to the Plan & O365 group.
There is a message which says non-member, but it doesn´t specify that the added user will have access to the O365 content.
This is a security concern!
This seems related to the following:
Agree this is an issue that could lead to a security or legal issue. The concern centers around the end users (group owners or members) since users may not realize the Guest now has access to Group conversations and everything in SharePoint since the external guest has access.
Planner should have a setting to block current guest from being added to the O365 Group but can still be assigned a task if need be.
This is an absolute necessity for us. I have groups in our organization who will not use Planner - or Teams! - until this is addressed.