Data breach in Yandex; thousands of Russian email users affected

Yandex, a Russian technology company, has revealed that one of its system administrators allowed unauthorized access to thousands of mailboxes. The company detected this anomalous behavior during a routine security audit, discovering that the incident would have affected approximately 5,000 users of its email service.

Yandex is a multinational company specialized in services and products related to the use of the Internet. It is the largest technology company in its territory and also operates Russia’s most important search engine, covering more than 60% of the market in this sector.

The person responsible for this data leak is an employee of systems with administrator privileges in technical support for the company, who acted deliberately in search of a personal economic benefit, mentions the Yandex report. So far it is ignored whether this individual was acting of his own interests or receiving orders from someone else in the company, although Yandex has not ruled out any possibility.

No details were provided about the period of activity of this malicious employee, although Yandex did specify that a total of 4,887 email accounts were exposed as a result of this behavior. The cybersecurity community has already tried to contact the company, which has not added further reports.

Yandex only issued a statement noting that unauthorized access to this information has already been blocked, and the affected users have already been notified about it, asking them to reset their login credentials to these accounts. The company also mentions that, as a result of this attack, a number of changes will be implemented to increase protections for its users’ information. Yandex concluded his message by clarifying that its clients’ financial information was not compromised during this incident.

This incident is an addition to Yandex’s long list of security threats in recent years. Between October and November 2018, the company suffered a massive attack powered by Regin malware variant; while this attack may have disastrous consequences, the company mentioned that its security teams managed to detect it in time and disrupt malware deployment.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.