Russian tech giant Yandex is facing heavy criticism online after a data leak exposed the personal details of more than 58,000 people on its food delivery app, leading the communications regulator to launch a case against it on Wednesday. The regulator, Roskomnadzor, told Russian news agencies that it had restricted access to an online map that appeared on March 22 where the names, phone numbers and addresses of Yandex.Eda customers was exposed, and said Yandex faced a fine of up to 100,000 roubles ($1,020).
Yandex declined to comment. “Roskomnadzor has drawn up an administrative protocol against Yandex.Eda for violating Russian legislation in the personal data sphere,” the regulator said in a statement.
Yandex said on March 1 its Yandex.Eda service had succumbed to a data leak. “As a result of the dishonest actions of one employee, the telephone numbers and order details of clients were published on the internet,” Yandex said at the time.
“The leak did not affect users’ banking, payment and registration details, that is to say logins and passwords. This data is safe,” it said, and apologised to those affected. But this week, people took to Twitter and Telegram to voice their feelings, some criticising the company and threatening legal action, others urging people to improve their online security in the wake of the leak by downloading Virtual Private Networks.
Digital rights group Roskomsvoboda said it was preparing a collective lawsuit and urged victims to join. “We believe this is a gross violation of the privacy of the service’s users and Yandex is giving insufficient protection to sensitive data,” Devdiscourse