Russian search engine, ride-hailing and email service provider Yandex disclosed a data breach that compromised 4,887 email accounts of its users. The company blamed the incident on an unnamed employee who had been providing unauthorized access to the users’ mailboxes for personal gain. The security breach was identified during a routine audit of its systems by its security team. It’s not immediately clear when the breach occurred or when the employee began offering access to third-parties. This is not the first time insider threats have plagued tech companies and resulted in reputational damage.
Source: https://thehackernews.com/2021/02/yandex-employee-caught-selling-access.html