The online malware scanning service VirusTotal leaked data associated with some registered customers, German newspapers reported.
German newspapers Der Spiegel and Der Standard reported that the online malware scanning service VirusTotal leaked data associated with some registered customers.
At the end of June, a small file of 313 kilobytes containing a list of 5,600 names was exposed online. The file included data associated with employees of the US secret service NSA, the US Cyber Command, and German intelligence services registered with the Google-owned security platform.
“Twenty accounts alone lead to the US “Cyber Command”, part of the American military and the control center for offensive and defensive hacking operations. Also represented: the US Department of Justice, the American federal police FBI and the secret service NSA. Official bodies from the Netherlands, Taiwan and Great Britain are also on Virustotal.” reported Der Standard.
Der Spiegel points out that the leaked data reveals who deals with IT security and malware in the impacted companies and government organizations. Threat actors could use this information to target these professionals with spear-phishing attacks.
The exposed records include customers’ names and email addresses. The information was exposed after an employee inadvertently uploaded the data to VirusTotal.
“”A spokeswoman for Google Cloud said when asked that a VirusTotal employee had “unintentionally made a small part” of customer data available on VirusTotal.” reported Der Spiegel.
When Google became aware of the data leak immediately removed the data.
“We removed the list from the platform within an hour of uploading it.” We are working on improving internal processes and technical controls to prevent this in the future.”” continues the newspaper.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, VirusTotal)
Share On