Racial slurs discovered in leaked Yandex source code
Russian tech giant Yandex apologized on Friday for racial slurs uncovered in the company’s source code. The apology came in response to the discovery of multiple references to the N-word in the company’s code base after it leaked online. “We deeply regret that this word ever appeared in our internal codes,” the Yandex press office told CyberScoop in an email Friday.
A researcher who goes by the name “Wacky Fruit” on Twitter posted screenshots Thursday showing the use of the word in multiple places. “Yandex, R U F*** serious?!,” they tweeted.
According to the Yandex press office, the code in question appears “to be old fragments differing from the current version of the company’s repository and would never have affected any of the company’s services.” The company called the incident a “blatant violation of our corporate ethics” and said it is conducting a review to understand “how this happened” and to take measures to “to ensure this does not happen again.”
A link to the repositories containing Yandex code totaling nearly 50 gigabytes was posted to a popular hacked database forum Thursday. The leaked files date to Feb. 24, 2022 — the day of the Russian invasion of Ukraine — and contain source code for almost all of the company’s major services, but no user data, the researcher Arseniy Shestakov wrote on his personal website Thursday.
Yandex is one of the biggest technology companies in Russia, offering a wide array of services such as search, maps, email, delivery on demand, voice assistance and autonomous vehicles, among other things. “Within country it provide wider range of services than Google,” Shestakov wrote on his blog. “Imagine one company that replace Google, Uber, Amazon, Netflix and Spotify.”
Grigory Bakunov, a former Yandex systems administrator and developer, told Bleeping Computer that the motive of the data leak was political, given that the date on the files and that the person who posted it had apparently not tried to sell it to competitors. Bakunov also said that although the company says the code is not the current version, “it might be up to 90% similar.”