1 min read

Yandex Email Admin Sold His Inbox Access and Compromised Almost 5,000 Accounts

Silviu STAHIE

February 16, 2021

Yandex Email Admin Sold His Inbox Access and Compromised Almost 5,000 Accounts

Yandex is an Internet company that provides users with a suite of products like Internet browsers for all major platforms, a search engine, an ad platform and an email service. It turns out that one of the three people working support for the email service, with access to people’s email accounts, used that power for profit.

According to Yandex, the employee compromised 4,887 email inboxes by providing access to third-parties for personal gain. While we often hear about data breaches due to external efforts from threat actors, they can also result from insider threats. In this case, it’s an employee who abused his power for financial reasons.

“A data breach had been discovered during routine screening by Yandex’s security team,” explained the company. “An internal investigation revealed that an employee had been providing unauthorized access to users’ mailboxes for personal gain. The employee was one of three system administrators with the necessary access rights to provide technical support for the service.”

“A thorough internal investigation of the incident is underway, and Yandex will be making changes to administrative access procedures,” the company added.

The fact that the company went public with the incident is a good strategy because such cybersecurity incidents can really put a dent in the public’s trust. Yandex also contacted law enforcement and made some changes to internal systems to make it more difficult for a single individual to have such widespread access.

Data breaches appear to be common events these days. Find out more about how you can regain control of your personal information with Bitdefender”s Digital Identity Protection.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read