On September 28, a technical failure occurred in the operation of Yandex services, which caused duplication of operations and unauthorized debiting of funds from user accounts in favor of the company. Yandex technical support reported that specialists check and cancel erroneous transactions manually, so it will take several days to return the funds.
Image source: Yandex/WikiFido, CC BY-SA 4.0
The message also says that on September 27, users of the Yandex Taxi service were faced with money being written off for trips they did not make. Numerous messages about this appeared on social networks. The Yandex press service stated that they had eliminated the technical reasons for the additional write-offs that users of the company’s services had encountered. “We have also already issued a refund for excess debits; the time it takes for them to be credited to the client’s account depends on his bank and can take up to three days,” said a Yandex representative.
According to an interlocutor in the cybersecurity market, the failure of Yandex services is due to the fact that the company was updating its software over the weekend, and at the same time a cyber attack was carried out on its systems. The information security company Informzashita believes that the failure could have occurred during a software update, since this happens when it is configured incorrectly, or when incompatibility with already installed software occurs.
«An error in duplicating payments could be one of the consequences of the failure. The information structure may have been damaged. At the same time, the Yandex services themselves ultimately remain available to users, from which we can conclude that there are no longer any technical difficulties,” says a representative of Informzashita. The company also noted that this incident would cause significant reputational damage to the company, since we are talking about users’ funds. Yandex did not confirm the fact of a cyber attack on the company’s IT systems, noting that the failure occurred due to a technical error.