Several cyber security sources have had reports of a cyber breach in one of the largest email servicing company in Russia, Yandex. The company happened to a victim of a security cyber breach that lead to several passwords being leaked in revealed in the public domain. Several passwords in millions become available online for open access.
The first forum that revealed these malicious acts was an online news publication that has over the years been known for its technology related news known as Habrahabr.ru. Millions of Yandex username and password details were leaked and dumped in one of public forum from Russia that basically deals in issues related to Bitcoin security status. The file was published by a forum member nick named tvskit and the Russian Bitcoin security forum was just one of the public domains. Further research on the mentioned nickname revealed that the name belonged to a middle aged man in his early thirties who lived in Russia. His posts showed links to the leaked file however he did not claim responsibility to any of the breaches.
The news and tech publication Habrahabr.ru are said to have taken their investigation into the dump cyber breach a little further and discovered that they too were victims which meant that the leaked database was genuine. This password and username details breach led to high tension and unrest among members on various online communities. A security research agent and the mind behind haveibeenpwned.com based in Australia revealed the file that had 123,000 yandex.ru email addresses and their passwords.
Initially, there was denial in the corporate world about the dump cyber breach that affected even other well established companies besides Yandex, most suggesting that the leaked credentials were invalid and had no impact on the privacy of their clients. The leak of the usernames and passwords combination is said to have originate from other sources and not as a result of the email servicing system breach. Company officials stated that most of the leaked credentials were blocked and this made it impossible to log in to the accounts claimed to be breached. The affected accounts however had to be reset with new passwords and user names.
Basing on the information retrieved from various cyber security sources, the file and databases leaked showed us that the compromised email accounts were inactive for a long while or registered through automation technique despite some of the breached user accounts being confirmed to be real and in existence. To boost security for breached accounts, users were advised to adapt the two-factor authentication and activate other options that help in recovering an account.
Research conducted that indeed there were some accounts that could not hold any validation and therefore termed false accounts. The Yandex cyber security breach was due to leaking of three different lists that appear to be from the same individual despite all claims of a database breach being denied by the company. It is not very clear the exact number of breached accounts by the unfortunate cyber attack neither their intended purpose.