Scroll Top

Data leak exposes sensitive information of VirusTotal users – Urgent Security Alert


In a concerning incident, sensitive data of registered customers on VirusTotal, a widely used malware database, was exposed in a data leak. Security analysts and IT professionals worldwide heavily rely on VirusTotal to scan files and URLs for viruses and malware, making this breach a significant concern for the global cybersecurity community.

The leak’s impact
The data breach was disclosed by Der Spiegel and Der Standard, revealing that a small 313KB file, accidentally uploaded by an employee, contained the names and email addresses of 5,600 registered users on the platform. Among those exposed were employees from prominent organizations, including the NSA and German secret service.

Google’s swift response
VirusTotal, which became a subsidiary of Google Cloud Chronicle in 2018, acknowledged the leak and acted swiftly to remove the exposed data. The company confirmed that passwords were unaffected, but the leak included customer group admin emails and organization names. Google has initiated an internal review of processes and technical controls to prevent such incidents in the future.

Risks of social engineering and phishing attacks
The leaked information poses risks of potential social engineering and targeted phishing attacks. IT security personnel in various organizations may be targeted due to their access to sensitive information. For instance, the VDMA (The German Association of Mechanical Engineers) accidentally shared a portal link and password via email, potentially exposing their data to unauthorized access.

Impact on Government and corporate entities
The leak impacts entities such as Austria’s Federal Ministry of Defense and Interior, the BSI (Federal Office for Information Security) with three affected employees, and well-known German corporations like Allianz, BMW, Daimler, Deutsche Telekom, among others. Given the confidential nature of their work, these exposures are of particular concern.

Expert suspicions and recommendations
Experts speculate that not only hackers but secret services may also use VirusTotal to test attack codes against antivirus manufacturers and track hackers uploading their tools. In response to this data leak, the BSI strongly advises against uploading any files to the VirusTotal scanning portal.’s call to action
As a leading authority in digital intelligence, urges users to exercise caution and strengthen their cybersecurity practices. Vigilance against social engineering and phishing attempts is essential to safeguard personal and organizational data.

As the cybersecurity landscape continues to evolve, remains committed to monitoring such incidents and providing timely insights to protect users against cyber threats. Together, we can create a safer and more secure digital environment for all.

Leave a comment

You must be logged in to post a comment.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.