On June 29, VirusTotal experienced a leak of approximately
5,600 customer data. The leak was due to an employee accidentally uploading a
CSV file containing their information to the platform last month.
The leak only affected Premium account customers, with the
uploaded file including company names and addresses. The leaked info is related
to government agencies around the world.
Emiliano Martines, head of product management of the online
malware scanning service, assured affected customers that the incident was
caused by human error and was not the result of a cyberattack or any
vulnerability in VirusTotal.
German media outlets Der Spiegel and Der Standard were the
first to report the incident. As reported by Der Spiegel and Der Standard, the
leaked file was 313KB in size. The file contains details about accounts
associated with official United States agencies, including Cyber Command, the
Department of Justice, the Federal Bureau of Investigation (FBI), and the
National Security Agency (NSA).
The files also included accounts linked to government bodies
in Germany, the Netherlands, Taiwan and the UK. Information on dozens of
employees at Bundesbank, Deutsche Bahn, Allianz, BMW, Mercedes-Benz, and
Deutsche Telekom was also found in the leaked file.
On Friday, VirusTotal apologized to customers for the
accidental leak and assured affected users that the files were only accessible
to company partners and cybersecurity analysts with Premium accounts at
VirusTotal. . Those using anonymous or free accounts could not access the
Premium platform and could not reach the leaked files.
0 Comments