VirusTotal Data Leak Exposes Critical Customer Details - Are You at Risk?

Mohit K
July 28, 2023
|
2
mins read

VirusTotal Data Leak Exposes 5k+ Registered Customers' Details

Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform.

The security incident, which comprises a database of 5,600 names in a 313KB file, was disclosed. Google confirmed the leak and said, it took immediate steps to remove the data - "We are aware of the unintentional distribution of a small segment of customer group administrator emails and organization names by one of our employees on the VirusTotal platform and we removed the list from the platform within an hour of its posting.”

Impact

This breach included data from accounts linked to official U.S. bodies such as the Cyber Command, Department of Justice, Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Other accounts belong to government agencies in Germany, the Netherlands, Taiwan, and the U.K.

Threat Vector

  • Insufficient Protection against Insider Threats
  • Improper Cloud Access Security Broker Data (CASB) Validation

Security Recommendations

  • Educate employees and improve awareness
  • Add trending attack scenarios and prevention technique tutorials and shorts to the awareness training
  • Validate the CASB rules and monitor the suspicious attachments
  • Make sure the suspicious attachments are reviewed by the security experts and approved/declined
  • Monitor the dark web and public data leakage
  • Strengthen corporate data security and acceptable use policy

How Telivy Can Help Your Organization

Dark Web Monitor ✅

External Network Vulnerability Scan ✅

Sensitive Data Identification ✅

Credential Leakage Detection ✅

Phishing Simulation & Training✅

Identity and Access Management ✅

External Surface Exposure ✅

And Much More ✅

If you are interested in a demo of how our services can help you manage this concern and many more, please email support@telivy.com and we will reach out to schedule some time with you!

Reference

The Hacker News. “VirusTotal Data Leak Exposes Some Registered Customers’ Details.” The Hacker News, thehackernews.com/2023/07/virustotal-data-leak-exposes-some.html.

Image by benzoix on Freepik

Automate your cyber security audits and monitor your security posture.
Get a Free ScanSchedule Demo

More from Telivy's Blog

Learning Center | SSL/TLS Misconfigurations

Overall, the absence of SSL/TLS encryption in email transmission raises significant concerns about data security, privacy, and regulatory compliance. To mitigate these risks, organizations should prioritize the implementation of SSL/TLS encryption for email communication to ensure the confidentiality, integrity, and authenticity of sensitive information exchanged via email. Additionally, users should be educated about the importance of encryption and best practices for secure email communication to minimize the risk of data breaches and unauthorized access.

Learning Center | Open Ports

To mitigate the cyber risks associated with high severity open ports, organizations should implement robust cybersecurity measures, including regular vulnerability assessments, patch management, network segmentation, access controls, intrusion detection systems, and security monitoring. By identifying and addressing vulnerabilities promptly, organizations can reduce their attack surface and enhance their overall cybersecurity posture.

Learning Center | Typosquatting

Learn more about typosquatting, which involves registering misspelled domain names of popular websites to deceive users and potentially engage in malicious activities.

Made in San Francisco ❤️
Ⓒ 2024 Telivy. All rights reserved