Security News > 2023 > July > VirusTotal: We're sorry someone fat-fingered and exposed 5,600 users

On June 29, an employee accidentally uploaded a.csv file of customer info to VirusTotal itself, said Emiliano Martinez, tech lead of the Google-owned malware analysis site.

For those who don't know: VirusTotal allows netizens to - among other things - upload files, or submit a URL to one, and the site runs the material through various malware-scanning engines to see if anything malicious is detected or identified.

Premium subscribers can also download uploaded samples, and thus that's how the uploaded.

Martinez said the snafu was "Unequivocally" not the result of a security breach or vulnerability: "There were no bad actors involved." After the accidental upload, VirusTotal is reexamining its processes and control processes, he said.

"Again we apologize for any confusion or concern this may have caused," Martinez concluded.

Der Spiegel first reported the leak on Monday, saying the 313KB file contained users' names and email addresses belonging to organizations' employees who registered for a VirusTotal account.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/07/21/virustotal_data_exposure_apology/