VirusTotal apologized on Friday for leaking the knowledge of over 5,600 clients after an worker mistakenly uploaded a CSV file containing their data to the platform final month.
The information leak impacted solely Premium account clients, with the uploaded file containing their names and company electronic mail addresses.
Emiliano Martines, the web malware scanning service’s head of product administration, additionally assured impacted clients that the incident was attributable to human error and was not the results of a cyber-attack or any vulnerability with VirusTotal.
Moreover, the leaked file was solely accessible to VirusTotal companions and cybersecurity analysts with a Premium account with the platform.
These utilizing nameless or free accounts can’t entry the Premium platform and, consequently, can’t attain the leaked file.
“On June 29, an worker by chance uploaded a CSV file to the VirusTotal platform. This CSV file contained restricted data of our Premium account clients, particularly the names of corporations, the related VirusTotal group names, and the e-mail addresses of group directors,” Martines stated on Friday.
“We eliminated the file, which was solely accessible to companions and company shoppers, from our platform inside one hour of its posting.”
Leaked data linked to authorities companies worldwide
German information shops Der Spiegel and Der Commonplace had been the primary to report the incident on Monday.
As they reported, the 313KB leaked file contained particulars regarding accounts related to official U.S. entities, together with the Cyber Command, Division of Justice, Federal Bureau of Investigation (FBI), and the Nationwide Safety Company (NSA).
Moreover, the file included accounts linked to authorities companies in Germany, the Netherlands, Taiwan, and the UK.
“It’s a checklist of 5600 names, together with staff of the US intelligence service NSA and German intelligence companies,” Der Spiegel stated.
“Twenty accounts alone result in the ‘Cyber Command’ of the USA, a part of the American army and hub for offensive and defensive hacking operations. Additionally represented: the US Division of Justice, the US Federal Police FBI, and the Secret Service NSA.”
The file additionally contained data on staff of nationwide authorities within the Netherlands, Taiwan, and the UK, in addition to German authorities companies, together with the Federal Intelligence Service, the Federal Police, and the Navy Counterintelligence Service (MAD).
Data on dozens of staff at Bundesbank, Deutsche Bahn, Allianz, BMW, Mercedes-Benz, and Deutsche Telekom was additionally discovered within the leaked file.