Yandex breach came to light during a routine security check. The incident has affected a total of 4,887 accounts. The firm confirms that the employee in question was among the three system administrators with clearance to access rights to offer technical support for the service. Yandex also highlights the mitigation measures put in place following the breach. The statement notes that: As a result of the breach, Yandex will make changes to the administrative access procedure to increase user data security. At the same time Yandex has also contacted law enforcement. The breach comes barely a week after Yandex announced plans to launch a non-cash payment service dubbed Yandex Pay. Yandex Pay will be available on Yandex web pages.
Yandex Regin malware attack
This is the second high profile breach to affect Yandex in about two years. Towards late 2018, it emerged that Western Intelligence operatives infiltrated Yandex with the Regin malware. The malware allegedly intended to spy on user accounts. Yandex acknowledged the attack stating it was detected and neutralized before further damage.
