VirusTotal Apologizes For Data Leak Affecting 5,600 Customers

Cyber Security Threat Summary:
VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file containing their details to the platform last month. The data leak impacted only Premium account customers, and the uploaded file contained their names and corporate email addresses. Emiliano Martinez, the online malware scanning service's head of product management, also assured impacted customers that the incident was caused by human error and was not the result of a cyber-attack or any vulnerability in VirusTotal. Furthermore, the leaked file was accessible only to VirusTotal partners and cybersecurity analysts with a Premium account on the platform. Those using anonymous or free accounts cannot access the Premium platform and, consequently, cannot reach the leaked file (Bleeping Computer, 2023).

Security Officer Comments:
According to German news outlets Der Spiegel and Der Standard, who first reported the data leak, the leaked file contains 313KB of data pertaining to accounts associated with official U.S. entities, including Cyber Command, the Department of Justice, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). The file also included accounts linked to government agencies in Germany, the Netherlands, Taiwan, and the United Kingdom. Although VirusTotal stated that the file was removed within an hour of being uploaded, if it fell into the wrong hands, such as those of cybercriminals, this data could be used for social engineering and impersonation attacks in which actors pretend to be government officials in order to conduct targeted phishing and other malicious activities. VirusTotal has apologized for the leak and says that it is working on improving internal processes and technical controls to prevent such events from occurring in the future.

Link(s):
https://www.bleepingcomputer.com/