VirusTotal suffers data leakage incident

Posted date 03/08/2023

On 29 June, an employee accidentally uploaded a CSV file to the VirusTotal platform. This CSV file contained limited information on premium account customers, namely the names of the companies, the names of the associated premium account groups and the email addresses of the group administrators. Within an hour of its publication, the file was deleted.

Emiliano Martinez, head of product management at VirusTotal, also assured affected customers that the incident was caused by human error, and was not the result of a cyberattack or vulnerability.

Among the exposed data are accounts associated with US government agencies, such as USCYBERCOM (Cyber Command), the Department of Justice, the FBI and the NSA. In addition, government agency accounts in Germany, the Netherlands, Taiwan and the UK have been affected.

Since the incident, VirusTotal took immediate steps to address the situation. The company notified affected users, reset the passwords of compromised accounts and improved its security measures to prevent future similar incidents. In addition, new internal processes and technical controls were put in place to improve security and safeguard customer data.