it is unlikely to be a "conspiracy" theory.
I complained to "bitdefender" because with their new enforced fucking "cloud" system, not only can they "snag" files. (never used to happen with the standalone version, which they discontinued)
But they can and DO identify personal information , which is then uploaded to their servers.
Because I have seen my personal information ON their server in the "cloud" log files associated with MY account.
This includes "fullpaths" of any files they consider infected.
So yes totally believable story,, since the guy was working on infection code
AV system identifies "code", then they upload it to do an analysis.
Consider the power of this "tool", you get something from a government agency (spying), file name etc.....
Then you upload a "hash" to a "pet" AV company, the AV company then identifies EVERY computer
the same "hash" appears on.
Great way to "out" spies or people with a connection to a file you are interested in.
Or consider it from a "peado" catching system. get the AV to search the computers of millions of people without a search warrant, just based on "hash" values.