Google-Owned VirusTotal Data Leak: Result of Human Error

The recent data leak at Google-owned VirusTotal exposed information on approximately 5,600 of its registered customers. The leak impacted Premium account holders only. Emiliano Martinez, the head of product management at VirusTotal, stressed in a public statement that the leak occurred due to a human error and the company was not breached by outsiders.

An employee accidentally uploaded a CSV file containing information on Premium account customers. 

What Was Leaked

The leaked information included names and corporate email addresses of premium account holders. Notably, data from various government organizations worldwide was leaked. Specifically, it affected accounts associated with official U.S. entities like the Cyber Command, Department of Justice, Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). 

The leak also impacted government agencies in Germany, the Netherlands, Taiwan, and the United Kingdom. Among the exposed data, there were names of employees from various prominent organizations like Bundesbank, Deutsche Bahn, Allianz, BMW, Mercedes-Benz, and Deutsche Telekom.

Reaction to the Data Leak

VirusTotal has apologized for the incident and assured its impacted customers that new internal processes and technical controls have been implemented to enhance data security and prevent similar incidents in the future.

The leaked file was quickly removed from the platform within an hour of its accidental posting. Anonymous or free account holders did not have access to the leaked file.

What is VirusTotal?

Founded in 2004, VirusTotal is a free platform designed to scrutinize files and URLs, identifying viruses, worms, trojans, and various types of malicious content. Their primary objective is to foster a safer online environment by encouraging cooperation among antivirus industry professionals, researchers, and diverse end-users.

Skip to content