Yandex employee causes data breach, compromises 4,887 user accounts

The Company’s internal security system discovered the breach and the concerned users had to be requested to change their passwords


Russian-Dutch multinational e-commerce company, Yandex, recently discovered that one of its employees was selling access to the e-mail accounts of its users. The Web search engine has now started informing each of the concerned users to change their passwords. It has, however, assured that the payment data of the users remains safe.

The search engine, which is very popular in Russia, and has indexed many Russian websites to facilitate free access to services, just like Google. It also offers a free webmail service.

The culprit was was a systems administrator at the Company who, being in a support function, happened to have access to the accounts. He was caught amidst a routine screening by the internal security team, offering unlawful access to the mail boxes of users for his own “personal gain”.

The said accounts have now been secured and the illegal logins the accused employee provided have also been terminated.

A formal and thorough investigation is underway into the incident. The access level to user data allowed to adminsitrators within the organisation is also being relooked at.

With its headquarters in Moscow, Yandex claims to be amongst the largest internet companies in Europe, and is a very popular search engine and ride-hailing company in Russia. Amongst the 70 internet-related products and services it offers, are its search engine, e-mail service as well as online advertising.

Comment on the Article

Please enter your comment!
Please enter your name here

sixteen − five =