VirusTotal apologizes for exposing Premium clients

Updated on: 24 July 2023

Vilius Petkauskas
Deputy Editor

Image by Cybernews.

VirusTotal, a popular malware detection service owned by Google, said an employee error caused the recent leak of a file containing details on 5,600 users.

The Google-owned company issued an apology over the recent data leak that exposed the names and email addresses of VirusTotal Premium account holders.

The list supposedly included accounts from the US Cyber Command, US Department of Justice, NSA, FBI, German secret service, and many others. VirusTotal stressed that the leak was not caused by a cyberattack and that no “bad actors” were involved.

“On June 29th, an employee accidentally uploaded a CSV file to the VirusTotal platform. This CSV file contained limited information of our Premium account customers, specifically the names of companies, the associated VirusTotal group names, and the email addresses of group administrators,” the company said.

The accidentally leaked CSV file reportedly only revealed the name of the company, the VirusTotal group the user was assigned to, and the user’s email address. According to VirusTotal, the company learned about the incident from fellow analysts via a support system.

“The file was only accessible to our partners and cybersecurity analysts who hold a Premium account with VirusTotal. No anonymous or free account users on VirusTotal had access to the Premium platform,” the company said.

VirusTotal is an essential tool for security researchers as the service aggregates antivirus products and online scan engines, allowing them to check for viruses that antivirus programs may have missed.

VirusTotal was launched in 2004 by Spanish security company Hispasec Sistemas. In 2012, the company was acquired by Google, which gave the ownership to its subsidiary Chronicle in 2018.