Yandex is an Internet company that provides users with a suite of products like Internet browsers for all major platforms, a search engine, an ad platform and an email service. It turns out that one of the three people working support for the email service, with access to people’s email accounts, used that power for profit.
According to Yandex, the employee compromised 4,887 email inboxes by providing access to third-parties for personal gain. While we often hear about data breaches due to external efforts from threat actors, they can also result from insider threats. In this case, it’s an employee who abused his power for financial reasons.
“A data breach had been discovered during routine screening by Yandex’s security team,” explained the company. “An internal investigation revealed that an employee had been providing unauthorized access to users’ mailboxes for personal gain. The employee was one of three system administrators with the necessary access rights to provide technical support for the service.”
“A thorough internal investigation of the incident is underway, and Yandex will be making changes to administrative access procedures,” the company added.
The fact that the company went public with the incident is a good strategy because such cybersecurity incidents can really put a dent in the public’s trust. Yandex also contacted law enforcement and made some changes to internal systems to make it more difficult for a single individual to have such widespread access.
Original article: https://www.bitdefender.com/blog/hotforsecurity/yandex-email-admin-sold-his-inbox-access-and-compromised-almost-5000-accounts