Data related to some of VirusTotal’s registered customers, such as names and email addresses, was leaked after an employee accidentally uploaded the information to a malware scanning platform.
This security incident consisted of a database of 5,600 names contained in a 313KB file and was first disclosed. Der Spiegel and der standard yesterday.
Launched in 2004, VirusTotal is a popular service that uses antivirus engines and website scanners to analyze suspicious files and URLs to detect malware types and malicious content. Acquired by Google in 2012 and became a subsidiary of Google Cloud’s Chronicle division in 2018.
When asked for comment, Google confirmed the leak and said it took immediate steps to remove the data.
“We are aware that one of our employees unintentionally distributed the customer group administrator’s email and part of the organization name on the VirusTotal platform,” a Google Cloud spokesperson told Hacker News. Told.
Shielding Against Insider Threats: Mastering SaaS Security Posture Management
Worried about insider threats? We’ve got you covered! Join us for this webinar to explore practical strategies and proactive security secrets using SaaS Security Posture Management.
“We removed the listing from our platform within an hour of it being posted. We are reviewing internal processes and technical controls to improve operations going forward.”
The data includes accounts linked to US public agencies such as the Cyber โโCommand, Department of Justice, Federal Bureau of Investigation (FBI), and National Security Agency (NSA).Other accounts belong to government agencies in Germany, the Netherlands, Taiwan, and the United Kingdom
Last year, the German Federal Office for Information Security (BSI) warned Against Upload automation Removed suspicious email attachments, noting that they may lead to exposure of confidential information.
