top of page

Russian Search Engine Yandex Leaks Source Code, Incident Highlights Security Challenges

The source code of Russian tech giant Yandex has been leaked online, revealing the underpinnings of the company's many apps and services. The 45GB of code files were allegedly taken by a former employee and posted online in January 2023 as a torrent file. The code, which dates back to February 2022, contains key ranking factors for Yandex's search engine, which is the fourth-largest search engine in the world by volume.

The search engine code reveals the ranking criteria for Yandex's search algorithm and is being described as the most significant event in search engine optimization in years. Some of the ranking criteria include having a lot of organic traffic, having optimized code, having keywords in the URL, having reliable servers, and being linked from Wikipedia pages. The code leak also showed that there are more than 1,000 ranking factors that have been deprecated and over 200 that are unused. Yandex claims that the code leak posed no threat to user data or platform performance.

Jadee Hanson, Code42

Jadee Hanson, CIO and CISO at Code42, shared more about the threat of intellectual property theft and how organizations should mitigate potential leaks or breaches.

“The Yandex incident underscores the reality that insiders can - and sometimes do - become a threat and cause harm to the business. Security teams need to be aware that newer, sophisticated attacks are coming from inside their organizations more frequently, creating a growing need to increase visibility into data movements to ensure confidential information stays with the company. Intellectual property (IP) theft is a vast, and likely underreported, problem facing organizations today, and source code is one of the most valuable and vulnerable pieces of IP a company possesses. Data leaks of this variety, like Yandex recently experienced, can have a high impact on an organization’s reputation and bottom line, which is why faster exposure detection is so important.

While developer teams frequently share code online for collaboration, security teams need a way to see what potentially unauthorized source code activity is occurring behind the scenes - including unauthorized source code exfiltration via Git. Companies should constantly re-evaluate their current security procedures and tools so their security teams can quickly take appropriate action when IP moves to an untrusted location.”


bottom of page