unknown published on the forum Breachforums archive, including the contents of the internal GIT-re positors of Yandex. It is claimed that the leak occurred in July 2022 (inside all files were dated February 24, 2022).
Archive, the size of which is 44.71 GB, includes cuts of repositories with the code of 79 services and Company projects, including the search engine (front-line and backend), pages indexation, Yandex Metrika Web-analytics, Yandex Maps Cartographic System, Support Voice Assistant, Yandex Taxi, Yandex Direct Advertising Platform, Yandex Mail Postal Service Platform. , Yandex Disk storage, content delivery network, Yandex Market trading platform, Yandex360 business services, Yandex Cloud cloud platform and Yandex Pay payment system.
Yandex confirmed the leak, but stated that it did not occur as a result of hacking. It is also specified that the leak covers only the code and does not affect data and personal information. Nevertheless, during the analysis of the contents of the archive, enthusiasts have already identified several access keys to the API, which were supposedly used in the testing process, but were not used in working environment. The code is published in the form of a cut of the contents of repositories, without the history of changes. In addition to the code in the archive, there is also internal documentation, which refers to links to Web services in the company’s intranet networks.