Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, have leaked on the internet.
The security incident, which comprises a database of 5,600 names in a 313KB file, was first disclosed by Der Spiegel and Der Standard yesterday.
Launched in 2004, VirusTotal is a popular service that analyzes suspicious files and URLs to detect types of malware and malicious content using antivirus engines and website scanners. It was acquired by Google in 2012 and became a subsidiary of Google Cloud’s Chronicle unit in 2018.
When reached for comment, Google confirmed the leak and said it took immediate steps to remove the data.
“We are aware of the unintentional distribution of a small segment of customer group administrator emails and organization names by one of our employees on the VirusTotal platform,” a Google Cloud spokesperson told The Hacker News.
Shield Against Insider Threats: Master SaaS Security Posture Management
Worried about insider threats? We’ve got you covered! Join this webinar to explore practical strategies and the secrets of proactive security with SaaS Security Posture Management.
“We removed the list from the platform within an hour of its posting and we are looking at our internal processes and technical controls to improve our operations in the future.”
Included among them are accounts linked to official U.S. bodies such as the Cyber Command, Department of Justice, Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Other accounts belong to government agencies in Germany, the Netherlands, Taiwan, and the U.K.
Last year, Germany’s Federal Office for Information Security (BSI) warned against automating uploading of suspicious email attachments, noting that doing so could lead to the exposure of sensitive information.