VirusTotal Data Leak Exposing Some Registered Customer Details
Data related to a subset of VirusTotal’s registered customers, including their names and email addresses, came to light after an employee accidentally uploaded the information to a malware scanning platform.
The security incident, which consists of a database of 5,600 names in a 313KB file, was first disclosed by Glass And Standard Yesterday.
Launched in 2004, VirusTotal is a popular service that analyzes suspicious files and URLs to detect types of malware and harmful content using an antivirus engine and website scanner. Acquired by Google in 2012 and became a subsidiary of Google Cloud’s Chronicle unit in 2018.
Asked for comment, Google confirmed the leak and said it was taking steps to delete the data immediately.
“We are aware of the accidental distribution of a small segment of the customer group administrator email and organization name by one of our employees on the VirusTotal platform,” a Google Cloud spokesperson told The Hacker News.
Protecting Against Insider Threats: SaaS Master Security Posture Management
Worried about insider threats? We are here to help you! Join this webinar to explore practical strategies and secrets to proactive security with SaaS Security Posture Management.
“We removed the listing from the platform within an hour of posting and we are looking at our internal processes and technical controls to improve our operations in the future.”
Included among the data are accounts linked to official US agencies such as Cyber Command, the Department of Justice, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). The other accounts belong to government agencies in Germany, the Netherlands, Taiwan and the UK
Last year, the German Federal Office for Information Security (BSI) be warned oppose automate uploads suspicious email attachments, noting that doing so can lead to the disclosure of sensitive information.
