ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Yandex Dump Data Breach

forum.btcsec.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 1,186,564
Breach date 07 Sep 2014
Added to tracker 12 Sep 2014
Data classes 2

What happened

In September 2014, news broke of a massive leak of accounts from Yandex, the Russian search engine giants who also provides email services. The purported million "breached" accounts were disclosed at the same time as nearly 5M mail.ru accounts with both companies claiming the credentials were acquired via phishing scams rather than being obtained as a result of direct attacks against their services.

Exposed data

Email addresses Passwords

Recommended actions

  • Change your Yandex Dump password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Yandex Dump โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP