Yandex, one Russia’s largest internet companies, has disclosed a data breach today. In a breach notification put out, it revealed that one of its system admins has been selling access to Yandex employees’ email boxes to unauthorized parties for personal gain. Realizing the incident, Yandex terminated the access and informed the affected mailbox owners.
Yandex Internal Data Breach
Yandex is available in several technology spaces from search engine to delivery and has been serving the world, with Russia and Europe as majors. The company has earlier been a target for Western intelligence groups since it is closely connected to the Russian Federation, and now, it has a new data breach incident reported.
In a notification shared today, Yandex revealed an internal data breach. One of its three system administrators was found to be selling email box access to unauthorized parties for personal motives. After the preliminary investigation, it was found that about 4,887 employees’ email boxes have been affected by this act.
Yandex has soon terminated this access and informed the owners of those affected email accounts about changing passwords. It also assured that no payment data held with Yandex was compromised in this incident. The company says to have informed the law enforcement and is taking steps to minimize the effect.
It said, “A thorough internal investigation of the incident is underway, and Yandex will be making changes to administrative access procedures. This will help minimize the potential for individuals to compromise the security of user data in future.” It’s not known since when the sysadmin has been selling this access.
Finally, it apologized to those affected by this incident and asked the concerned to contact ([email protected]) for support relating to the incident. More information on this is yet to be revealed.