VirusTotal Data Leak Exposes Registered Customer Details
Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, have leaked on the internet.
The security incident, which comprises a database of 5,600 names in a 313KB file, was first disclosed by Der Spiegel and Der Standard yesterday.
Launched in 2004, VirusTotal is a popular service that analyzes suspicious files and URLs to detect types of malware and malicious content using antivirus engines and website scanners. It was acquired by Google in 2012 and became a subsidiary of Google Cloud’s Chronicle unit in 2018.
When reached for comment, Google confirmed the leak and said it took immediate steps to remove the data.
“We are aware of the unintentional distribution of a small segment of customer group administrator emails and organization names by one of our employees on the VirusTotal platform,” a Google Cloud spokesperson told.
Related Articles:
- Google to Buy Cybersecurity Firm Mandiant for $5.4 BillionGoogle agreed to purchase cybersecurity company Mandiant Inc. for $5.4 billion, adding internet security products that will bolster the technology giant’s cloud-computing business … Read more
- Windows 11 Hidden Features1. Minimize every window except the active one If your desktop screen has gotten too crowded with open windows, you can quickly minimize … Read more
- Best Free Web tools – 2022Best Free Web tools – 2022 Text Content Tools A complete set of text tools is now at your fingertips. Check our plagiarism, … Read more
- Can you know HTTPS Website also be Hackable?Can you know HTTPS Website also be Hackable? It should be no shock by now that a professional can break through anything. These … Read more
- Classic Hangouts will be replaced by Google ChatClassic Hangouts will be replaced by Google Chat Learn about the switch from classic Hangouts to Google Chat Classic Hangouts is being replaced … Read more
We removed the list from the platform within an hour of its posting and we are looking at our internal processes and technical controls to improve our operations in the future.”
Included among them are accounts linked to official U.S. bodies such as the Cyber Command, Department of Justice, Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Other accounts belong to government agencies in Germany, the Netherlands, Taiwan, and the U.K.
Last year, Germany’s Federal Office for Information Security (BSI) warned against automating uploading of suspicious email attachments, noting that doing so could lead to the exposure of sensitive information.
