From https://yandex.ru/company/press_releases/2021/2021-02-12
Yandex security service disclosed an internal leak
During a regular check by the Yandex security service, an internal leak was disclosed. During an internal investigation, it was discovered that an employee was providing unauthorized access to users' mailboxes. He was one of three system administrators who had the necessary access rights to perform work tasks to provide technical support for the service. As a result of his actions, 4887 mailboxes were compromised.
Unauthorized access to compromised mailboxes is already blocked. Their owners received a notification about the need to change the password from their account.
An internal investigation is carried out on the detected incident and the work processes of employees with administrative rights of this level of access will be reviewed. This will help minimize the impact of the human factor on the security of user data. The company also contacted law enforcement agencies.
We are very sorry for what happened and we apologize to the users who were affected by this incident.
burnerben wrote
everyone in russia mad