Big blunder at VirusTotal. As revealed by the two German and Austrian media Der Spiegel and Der Standard, this online malicious file analysis service belonging to Google Cloud briefly released by mistake on June 29 a list of 5600 customers which was not intended to be public.
Apologies
According to Google Cloud, when interviewed by reporters, a VirusTotal employee unwittingly uploaded this CSV file, which included “limited information” about Premium customers – their organization name, VirusTotal groups, and administrator email addresses. The document, accessible only to partners and corporate customers, was removed from the platform “within an hour of being put online,” said the subsidiary of the Mountain View firm, which apologized in a press release on Friday.
The leak may seem anecdotal and of very limited impact. Except that computer security researchers can seek to remain discreet in order to work as calmly as possible. The pedigree of the people recorded in this file, obviously computer security experts from the US NSA and Cyber Command, as well as German intelligence, also lends some scope to this leak.
French addresses
According to Der Spiegel, the American federal police, the FBI, official Dutch and English organizations are also concerned by the leak. The Record is more specific on this subject: it would be personnel from Cert-Uk, an entity attached to GCHQ. This last media also reports the presence of French email addresses in this list, as well as emails from around fifteen countries, even if it is not known precisely which French organizations were concerned.
“Since this incident, we have implemented new internal processes and technical controls to improve the security and backup of customer data,” says VirusTotal. A company well aware that this kind of incident seriously damages trust.