Security News > 2021 > July > VirusTotal ordered to reveal private info of stolen HSE data downloaders
An Irish court has ordered VirusTotal to provide the information of subscribers who downloaded or uploaded confidential data stolen from Ireland's national health care service during a ransomware attack.
To prove the data theft, the Conti gang posted a link to a file in their ransomware negotiation chat that they said contained samples of the stolen data.
According to FT.com, this sample of stolen data consisted of 27 stolen HSE files containing patient data, which was subsequently uploaded to the VirusTotal malware scanning site.
After the Irish courts issued an injunction requiring anyone who possessed the stolen data to return it to HSE, FT returned the data but refused to share the source who provided them the samples.
On Tuesday, the High Court of Ireland has issued an order requiring Chronicle Security Ireland and Chronicle LLC, the owners of VirusTotal, to hand over the private information of subscribers who downloaded or uploaded the HSE data.
According to TheJournal, the file containing the stolen data was downloaded 23 times from VirusTotal before the service removed it on May 25th..