The Russian search engine Yandex has detected a major data leak. The company said the data, which belongs to 4,887 email addresses, has been obtained by third parties. The cause of the vulnerability has been admitted to being one of the employees.
Big security flaw from Yandex
The Yandex security department said it had detected various data leaked from 4,887 email addresses. “During the internal investigation, it was revealed that an employee had provided unauthorized access to third parties, user-owned mailboxes. This employee was one of the 3 system managers with the necessary access to provide technical support to the service.” Yandex claims that accesses are blocked shortly, preventing the leak, noting that email users should renew their passwords.
The police and the company have launched an investigation. In addition, Yandex apologized to all its users for the vulnerability and said it would take serious measures against such leaks in the coming periods. He also underlined that he would take some steps towards reducing human control on important issues such as data protection.