Russian search engine and email provider Yandex said today that it caught one of its employees selling access to user email accounts for personal gains.
The company, which did not disclose the employee’s name, said the person was “one of three system administrators with the necessary access rights to provide technical support” for its Yandex.Mail service.
The Russian company said it’s now in the process of notifying the owners of the 4,887 mailboxes that were compromised and to which the employee sold access to third-parties.
Yandex officials also said they re-secured the compromised accounts and blocked what appeared to be unauthorized logins. They are now asking impacted account owners to change their passwords.