October 3, 2023

VirusTotal, the Google-owned online service used to analyze questionable files and URLs to detect malicious material or malware, has experienced a data leak, exposing the data of 5,600 of its users, including some very high-profile people

VirusTotal is used in a manner where files that are uploaded by users into the interface can contain sensitive data, putting organizations and their data at risk. Though passwords remain concealed, the usernames and email addresses that were leaked in this data breach are enough for threat actors to be able to spear-phish anyone who was affected by the breach.

Der Speigel, a German publication, had confirmation from Google that the leaked data includes names and email addresses of employees from various backgrounds, but passwords are safe somehow.


The list contains the names and corporate email addresses of 5,600 users who registered the account. Among those are employees at:

  • The US Cyber Command, the US Department of Justice, the FBI, and the US intelligence agency NSA
  • Official bodies from the Netherlands, Taiwan and Great Britain
  • Many German organizations including the Federal Police, the Federal Criminal Police Office, the Military Counterintelligence Service (MAD) and the Federal Office for Telecommunications Statistics.
  • Big German companies (Deutsche Bahn, Bundesbank, Allianz, BMW, Mercedes-Benz, Deutsche Telekom)

We are aware of the unintentional distribution of a small segment of customer group administrator emails and organization names by one of our employees on the VirusTotal platform. We removed the list from the platform within an hour of its posting, and we are looking at our internal processes and technical controls to improve our operations in the future.

Google Statement

Leave a Reply

%d bloggers like this: