The system-defined Data Identifier "Credit Card Number" is returning false positives where 4 digits full stop 4 digits comma 4 digits full stop 4 digits is being picked up by the following pattern:
22[3-9]\d[ -.]\d{4}[ -.]\d{4}[ -.]\d{4}
This is causing two different cells in a CSV which each contain 4 digits full stop 4 digits to match as 4 sets of four digits.
For example:
If we run the DLP filter.exe tool on the csv file to output the content seen during detection, we have this result:
During detection, the comma separator is removed, and we have only the dot present in each number.
Some patterns that are checked against the Luhn check are then being recognised as a potential credit card number which triggers an incident.
Create a custom Data Identifier with the pattern [0-9]{4}\.[0-9]{4},[0-9]{4}\.[0-9]{4} that looks only for those patterns and add it as a policy exception to the policy which is generating false positives.