VirusTotal, a Google-owned service, has experienced a significant data breach, impacting over 5,600 users, including high-ranking officials from the US Department of Justice, NSA, FBI, and German intelligence agencies. The security incident was first disclosed by Der Spiegel and Der Standard on Jul 20th.
Names and email addresses of those affected, originating from a variety of professions and regions, were unintentionally revealed. This included personnel from notable German corporations like BMW and Mercedes Benz, alongside representatives from the Netherlands, Taiwan, and Great Britain.
As VirusTotal is often used to scrutinize suspicious files and URLs, the risk to user data is considerable. While passwords were not disclosed, the leaked usernames and email addresses present an ample opportunity for threat actors to engage in targeted spear-phishing attacks.
A Google Cloud spokesperson acknowledged the incident, stating, “We are aware of the unintentional distribution of a small segment of customer group administrator emails and organization names.” The list was removed within an hour of posting, and the company is now evaluating its internal processes and technical controls to prevent future breaches.