Yandex Employee Caught Selling Access to Users’ Email Inboxes

The Hacker News

Russian Dutch-domiciled search engine, ride-hailing and email service provider Yandex on Friday disclosed a data breach that compromised 4,887 email accounts of its users.

The company blamed the incident on an unnamed employee who had been providing unauthorized access to the users’ mailboxes for personal gain.

The employee was one of three system administrators with the necessary access rights to provide technical support for the service, Yandex said in a statement.

The company said the security breach was identified during a routine audit of its systems by its security team. It also said there was no evidence that user payment details were compromised during the incident and that it had notified affected mailbox owners to change their passwords.

Full article