Moscow, April 4 (IANS): A data breach at popular Russian food delivery service Yandex Food has revealed the personal details of 58,000 users, including those associated with the government’s secret police.
Affected users include Russian security services and military officers who even ordered food from their workplace using their official email addresses, according to the findings of the US-based investigative journalism group. Netherlands Bellingcat.
The leak includes user emails, a large number of phone numbers, addresses and orders placed on the food delivery platform.
“An address Bellingcat is researching is Dorozhnaya 56 Street in Moscow. This facility is linked to the Russian National Guard (Rosgvardia), which was active in the invasion of Ukraine,” the research group said.
The researchers even had access to an individual linked to the poisoning of imprisoned Russian opponent Alexei Navalny.
Searching the database, Bellingcat discovered the name of the person who was in contact with the Russian Federal Security Service (FSB) to plan the poisoning of Navalny.
This person “also used their work email address to register with Yandex Food, allowing researchers to further verify their identity.”
Yandex blamed one of its employees for the hack and subsequent data leak from Yandex Food.
Russian media watchdog Roskomnadzor tried to block the data leak. The communications regulator also threatened to penalize the online food delivery service up to $1,166 for the leak.
“With the increase in cyberattacks from Ukrainian and pro-Ukrainian hacker organizations, we should expect to see more leaks of government and customer databases, some of which could be useful in investigating security issues. ‘public interest,’ the research group said.