Anonymous claims to have successfully breach Yandex.ru. However, their leak seems nothing more than just a combination of previous leaks.
Anonymous claims to have breached Russian search Yandex.ru, putting 150k users at risk. At this point, it is not possible to say whether the breach has occurred. However, it seems that most of the passwords don't work, and even if they did, 2FA would make them useless.
"The network of the Russian search giant http://Yandex.ru has been breached by #Anonymous, leaking data of 150k users with mail & password, incl. verified accounts," Anonymous tweeted on Saturday.
Cybernews analyzed the files mentioned above. Even though Anonymous claims to have breached Yandex, one file contains more than 5 million email addresses and passwords belonging to Yandex, mail.ru, inbox.r/lv, and even Gmail accounts.
The second file seems to be dedicated only to Yandex clients and contains 125k entries.
We can't say what happened or whether someone has breached the Yandex internal system. It seems more like a collection of Yandex emails and passwords from the previous leaks, such as COMB or RockYou2021. Nevertheless, we reached out to Yandex.ru to hear more and will update this article according to their response.
However, it seems that Yandex.ru users are not at much risk. First of all, a data breach or a similar event usually triggers a password reset initiated by the company. Moreover, even if some passwords are still in use, the account might be protected by the two-factor authentication. In this case, it seems that the leak is nothing more than just a long list of email addresses that could be used for spam.
On 12 February, Yandex's internal investigation revealed that an employee provided unauthorized access to users' mailboxes for personal gain. As a result of his actions, 4,887 mailboxes were compromised. Yandex.ru said it would be making changes to administrative access procedures to minimize the potential for individuals to compromise the security of user data in the future.
More from Cybernews:
Subscribe to our newsletter