Yandex Suffers Data Breach, Exposes Email Accounts

February 16, 2021 admin OSINT, Security, threatintel

Click the icon to Follow me:-

Russian internet and search organization Yandex declared on Friday that one of its system administrators had enabled unapproved access to a huge number of client mailboxes. The organization found the breach internally, during a standard check of its security team. The investigation uncovered that the employee’s activities prompted the compromise of almost 5,000 Yandex email inboxes. This employee was one of three system administrators, who had the access privileges to offer technical support for mailboxes, said Yandex.

AMD Ryzen 9 3900X 12-core, 24-thread unlocked desktop processor with Wraith Prism LED Cooler $484.00

The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more

(as of February 28, 2021 - )

AMD Ryzen 5 5600X 6-core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler ~~$389.99~~ $377.10

AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more

(as of February 28, 2021 - )

AMD Ryzen 5 2600 Processor with Wraith Stealth Cooler - YD2600BBAFBOX ~~$199.00~~ $189.99

System ram type: DDR4_sdram

(as of February 28, 2021 - )

“A thorough internal investigation of the incident is under way, and Yandex will be making changes to administrative access procedures,” said Yandex’s Friday security advisory. “This will help minimize the potential for individuals to compromise the security of user data in future. The company has also contacted law enforcement.”

As indicated by Verizon’s 2020 Data Breach Investigations Report (DBIR), internal actors were behind 30% of breaches (with the dominant part, or 70%, coming from external actors). An insider threat could leave organizations spiraling from financial or brand damage – but additionally an absence of ensuing trust from clients. In a recent January case, for example, a former ADT employee was found adding his own email address to the accounts of attractive women, so he could have around-the-clock access to their most private moments. In December, a former Cisco Systems employee was condemned to two years in prison, subsequent to hacking into the networking company’s cloud infrastructure and deleting 16,000 Webex Teams accounts in 2018. Furthermore, in October, Amazon fired an employee who shared clients’ names and email addresses with a third party.

“Yandex’s security team has already blocked unauthorized access to the compromised mailboxes,” the organization says, adding that the proprietors have been cautioned of the breach and that they need to change their account passwords. Because of the occurrence, Yandex will make changes to the administrative access procedure to expand the security of client information. As indicated by the organization, payment details have not been affected. While this information breach deserves serious scrutiny, Yandex confronted a graver threat in the past, when Western intelligence agencies compromised their systems with Regin malware.

The assault occurred between October and November 2018, and it targeted technical information regarding user account authentication, Reuters learned at that point. Yandex recognized the assault and said that it was detected and neutralized before it brought on any harm.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.