Science & Technology News

2022-03-02 16:43:41+00:00

An archive of the Yandex.Food service with customer order data was posted in the public domain, Yandex previously confirmed the leak

According to the Information Leaks Telegram channel, an archive of the Yandex.Food service with customer order data has appeared in the public domain, Yandex previously confirmed the fact of the leak, but did not disclose its details.

According to the data on the leak from the DLBI leak search and monitoring service for the dark web, the Yandex.Food leak appeared in the public domain on February 27. There was an archive with three SQL dumps containing a total of 49,441,507 (49.4 million) order rows, including the following columns and data:

names and surnames of customers, as they are recorded in the user profile of the service;

phone numbers - in total there are 6,882,230 unique numbers from the Russian Federation (almost all regions) and Kazakhstan and 206,725 from Belarus;

full delivery address of the client;

comments to the order;

the download contains order dates from 06/19/2021 to 02/04/2022.

An example of unloading from the leaked database of the Yandex.Food service.

On March 1, the information security service of Yandex.Food spoke about the discovery of a data leak. A press release from the company says that it occurred due to the unfair actions of one of the employees.

According to the service, as a result of a leak in the network, the phone numbers of customers and information about their orders, including the composition and delivery time, were published. The company claims that the leaked information did not contain bank payment or registration data of service users; this information is safe, according to Yandex.

The company said it had conducted an internal audit. Based on its results, the approach to storing sensitive information, including that related to customer orders, was tightened. The company assures that it has provided this data with the necessary level of protection, which is comparable to the level of protection of payment information. In addition, the service will exclude the manual processing of such information and will reduce the number of employees who have access to it by a factor of three.

The Yandex.Food team apologized to users and promised that they would send a letter with details to everyone affected by the leak. With regard to the guilty employee, Yandex promises to take legal action. The company applied to law enforcement agencies with a statement about unauthorized access to customer information, according to a press release on the Yandex website.

bbabo.Net

Youth activists of United Russia will help evacuees from the DPR and LPR
Secretary of the United Russia General Council Andrei Turchak said that on February 19
Refugees from Donbass ready to receive in Sukhum
The mayor's office of the capital of Abkhazia, Sukhum, declared its readiness to accept refugees from the self
Club KHL fired convicted of raping a minor player
Yaroslavl Lokomotiv terminated the contract with American striker Reed Boucher, who was previously sentenced
Lithuania responded to accusations of attempts to attack Belarus with drones
Belarus (bbabo.net), - The drone attack on Belarus by Lithuania is “disinformation

Science & Technology News

An archive of the Yandex.Food service with customer order data was posted in the public domain, Yandex previously confirmed the leak

Youth activists of United Russia will help evacuees from the DPR and LPR

Refugees from Donbass ready to receive in Sukhum

Club KHL fired convicted of raping a minor player

Lithuania responded to accusations of attempts to attack Belarus with drones