Russian intelligence food habits leaked from food delivery app data breach


Russian food delivery app Yandex Food recently became a victim of a cyberattack that led to the leak of phone numbers, addresses, names, and delivery locations of over 58k users.

The incident took place on March 1st this year and investigations revealed the leak occurred because of a lack of awareness of cyber hygiene in one employee of Yandex Food, a business unit of the Russian internet firm, Yandex.

Roskomnadzor has responded to the incident and released a press statement that the company has to pay a penalty of 100,000 rubles for exposing its user information to hackers.

Meanwhile, investigations made by researchers from Netherlands-based business firm Bellingcat revealed that the leaked info contained information regarding those working for intelligence service and their day-to-day food habits and the parcel delivering address details.

That means any hacker could have accessed and copied the information and use that data to launch poisoning attacks, like the one witnessed in the death of opposition leader Alexey Navalny.

Bellingcat is into investigative journalism opines that such data leaks could lead to the disclosure of sensitive information, such as the food habits of military and intelligence officials. And that could further lead to potential poisoning campaigns such as the Federal Security Service (FSB) plan to assassinate Navalny, with a poisonous substance.

Yandex has issued an apology and assured us it will take all necessary measures to eradicate such incidents in the future.

What if the names and email addresses lead to information leak blunders, such as vehicle registration number leaks?

One can just search the contact details belonging to the Russian Main Intelligence Directorate(GRU) by knowing their email address and name.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display