VirusTotal shows contrition and apologizes for last month’s events. The Irish antivirus developer emphasizes that the privacy-sensitive data was only accessible to paying members. The company has also implemented new ‘processes and technical controls’ to prevent a recurrence.
VirusTotal apologizes via a press statement.
Names and email addresses of thousands of customers made public for a short time
The German daily newspaper Der Spiegel reported last month that a file of 313 kilobytes could be found online for a short time. The file contained names and email addresses of 5,600 VirusTotal customers, including employees who worked for US, German, Dutch, British and Taiwanese security services. Although it was a relatively small data breach, the impact was significant nonetheless.
Google, which owns the company, said in an initial response that customer data had become public due to human error. An employee accidentally uploaded the customer list to VirusTotal’s servers. The antivirus software developer discovered the error within an hour and took the list offline.
‘Data leak was not the result of a cyber attack or vulnerability.’
The incident caused quite a stir among the affected authorities. State actors with bad intentions could use the data on this list for espionage purposes. The Bundesamt für Sicherheit in der Informationstechnik (BSI), the German counterpart of the National Cyber Security Center (NCSC), emphatically warned against this last year. Despite this warning, things went wrong in June.
“This was not the result of a cyberattack or a vulnerability in VirusTotal. This was a human error, and no bad actors were involved. On June 29, an employee accidentally uploaded a CSV file to the VirusTotal platform. This CSV file contained limited information from our Premium account customers, specifically company names, associated VirusTotal group names, and group admin email addresses.”
VirusTotal emphasizes that the file was only accessible to partners and corporate customers. The chance that hackers or cybercriminals could view the sensitive information was minimal. The file was also deleted by IT staff within an hour of posting.
VirusTotal takes measures to prevent recurrence
Since the incident occurred, VirusTotal has implemented new “internal processes and technical controls” to enhance customer data protection further. “Trust is the foundation of our community; we apologize again for any confusion or concern this may have caused,” the antivirus maker concludes its press release.
VirusTotal is a security platform where cybersecurity experts can upload suspicious files and URLs for analysis. The company scans these files and websites with antivirus software from seventy AV manufacturers. This way, you can see at a glance whether a file contains malware or whether there is nothing wrong with it.