Registered VirusTotal customers’ data was found on the Internet with suspicion of it landing there due to a data leak.
The alleged VirusTotal data leak contains the names, email addresses, and organization of 5,600 account holders and secret services. The impacted individuals include employees of the US intelligence agency NSA and German intelligence agencies.
Details about the VirusTotal data leak
A 313 KB file was found on the internet by the Austrian media STANDARD in July 2023 from the alleged VirusTotal cyber attack. The file was considered to be ‘explosive,’ according to a blog post by German IT writer Günter Born.
The file is suspected to have been released from the inner environment of the platform based on the characteristic of the data.
The following data was said to have been compromised in the alleged VirusTotal data leak –
- Around 20 accounts of the US Cyber Command or users of the U.S. Department of Justice, the U.S. Federal Bureau of Investigation, and the National Security Agency.
- Other accounts may also belong to official bodies from the Netherlands, Great Britain, and Taiwan.
- Addresses from the Austrian Federal Ministry of Defense and the Interior Ministry
- German BSI employees including the Federal Criminal Police Office, the Military Counter-Intelligence Service, and the Federal Office for Telecommunications Statistics.
- Nearly 30 employees of German companies including Deutsche Bahn, Bundesbank, and Dax giants including Allianz, BMW, Daimler, and Deutsche Telekom.
Authenticity of the information exposed in the VirusTotal data leak
The Austrian media STANDARD jointly with the German news magazine Der Spiegel speculated that the data leaked from VirusTotal was likely genuine. “The incident shows how critical online activities are when data gets into the hands of unauthorized third parties via a leak,” the Borncity blog read.
The possibility of misuse of the VirusTotal data leak was also not ruled out by researchers.
VirusTotal data leak and third-party access
VirusTotal offers research services including checking submitted files for malware.
It was taken over by Google and has been operated by Google since 2012. The files sent to the service are often of critical nature or classified by legal bodies and agencies.
Moreover, it is noted in the terms and conditions of VirusTotal that a third party views the files. This makes data security questionable and subject to risk.
“If the documents contain internal company information or explosive material, this becomes public when uploaded,” the report read. Uploading sensitive files on similar platforms has garnered the attention of several legal bodies.
The German Federal Office for Information Security (BSI) released a security warning in March 2022 addressing the concerns about leaked BSI alerts.
It was suspected that the leaked data from the BSI distribution list was also uploaded to VirusTotal. This could have led the data from BSI to be publicly identified.
Lessons from VrusTotal data leak: What to do if you are named
If your personal information is exposed in a data breach, take swift action to safeguard your financial security.
Firstly, remain vigilant for breach notifications and keep any unusual mail or emails. Next, secure your bank and credit card accounts by updating passwords and considering two-factor authentication.
Additionally, initiate a fraud alert on your credit report to prevent unauthorized credit applications.
Continuously monitor your financial accounts and credit reports for suspicious activity, using free credit monitoring services.
For enhanced protection, consider freezing or locking your credit file to prevent fraudulent access. Although data breaches are concerning, prompt and cautious responses can minimize potential damage and help you navigate the situation effectively.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
