An employee of the Google-owned platform VirusTotal accidentally uploaded a file with the names, email addresses and other data of hundreds of people working in intelligence agencies and ministries of defense around the world. In particular, the list includes persons associated with the US Cyber Command, the NSA, the Pentagon, the FBI and a number of units of the US Army.
Interestingly, just the other day we wrote about a large leak of letters from the US military due to the typo, and we also wrote about a Western Digital data leak after a hack.
US Military Agencies Data on VirusTotal
Der Spiegel journalists were the first to leak an important 313 kilobyte file containing information about 5600 VirusTotal clients. According to them, the list contains the names of organizations and email addresses of employees who have registered accounts.
The publication emphasizes that it has verified the authenticity of the list and made sure that many of the people listed are actually civil servants, and some of the victims can be easily found on LinkedIn. According to media reports, more than 20 entries on the list belong to members of the US Cyber Command, the US Department of Justice, the Pentagon, the federal police, the FBI, the NSA, and so on.
From the UK, the list included more than ten employees of the Ministry of Defense, as well as email addresses belonging to employees of CERT-UK, which is part of the country’s Government Communications Center (GCHQ). According to the GCHQ email format, employee mailboxes contain only the initials of each user’s last name. However, full names are contained in email addresses belonging to specialists from the Ministry of Defense, the Cabinet of Ministers, the Office for the Decommissioning of Nuclear Power Plants and the UK Pension Fund.
In addition, employees of various ministries of Germany (including the Federal Police, the Federal Criminal Police Office and the Military Counterintelligence Service), Japan, the United Arab Emirates, Qatar, Lithuania, Israel, Turkey, France, Estonia, Poland, Saudi Arabia, Colombia, the Czech Republic, Egypt, Slovakia and Ukraine became victims of the leak. About 30 more email addresses belong to employees of Deutsche Bahn (Germany’s main railway operator), and the file also contains data about employees of the Bundesbank and such large companies as BMW, Mercedes-Benz and Deutsche Telekom.
Why is that so critical?
Although the leak only affects email addresses and names, even these can be valuable information for hackers. The fact is that the file sheds light on people who deal with cybersecurity and malware in many companies, departments and organizations. As a result, they can become targets for spear phishing attacks or social engineering. In addition, it can be understood from the list that, for example, some military personnel use personal mailboxes and personal Gmail, Hotmail and Yahoo accounts in their work.
Google representatives have already told the media that they are aware of the leak, and the company has already taken all necessary measures to eliminate it.