Hackers leak 1.4GB database of information after breaching Qatar National Bank
A group of unknown hackers have claimed to have hacked into the servers of Qatar National Bank (QNB), based in Doha and posted online to the whistleblower site Cryptome on April 26. Before uploading on this site, the massive leak was uploaded at Global-Files.net, but it was quickly removed without explanation.
The leaked data, which totals 1.4 GB, apparently includes internal corporate files and sensitive financial data for QNB’s customers, such as passwords, account numbers, and credit card information. Moreover, the hackers also claim to have leaked banking details of the Al-Thani Qatar Royal Family and Al Jazeera journalists.
The leaked documents is separated by several different folders, “some of which are named ‘Al Jazeera,’ ‘Al Thani,’ ‘Defence and etc,’ ‘SPY, Intelligence,’ and ‘Mukhabarat,’” or Qatar’s intelligence agency, according to the Doha News report.
Other documents reportedly belong to alleged French and Polish intelligence agents containing social media accounts, phone numbers, family names and credit card details. In one instance, a file marked “wife”, opens a photo showing a woman and two children. There are roughly a dozen of these intelligence dossiers included in the Qatar data dump.
In the leaked data is a folder for Al Jazeera which contains that contains nearly 30 separate profiles alongside a Microsoft Excel file that holds more than 1,200 records, which includes national ID numbers, telephone numbers and home addresses. Much like the intelligence files, the Al Jazeera disclosure also contains a file by the name of “Spy” with a picture of an unknown man and includes financial details, social media accounts, and passwords.
It is unclear if the data is legit or who was behind the hack/leak or what was their motive. However, according to QNB’s official statement, they commented that “it is QNB Group policy not to comment on reports circulated via social media. QNB would like to take this opportunity to assure all concerned that there is no financial impact on our clients or the Bank.
“QNB Group places the highest priority on data security and deploying the strongest measures possible to ensure the integrity of our customers’ information. QNB is further investigating this matter in coordination with all concerned parties,” the bank’s website read.
— Arnaud ?[fzn] (@fznguy) April 25, 2016
Simon Edwards, cybersecurity expert with Trend Micro, who analysed the data said: “The breach seems to be a classic attack on a bank, with the majority of data leaked online exposing customers’ bank account details, such as account numbers, credit cards and addresses.
“There’s also a lot of information on banking transactions, suggesting that the perpetrators were trying to expose specific transactions. This theory can be further strengthened by the hacker’s attempts to profile the bank’s customers into different categories, mostly focusing on Qatar’s TV network along with other foreign agencies, some of which are categorised as ‘spies’.”
He added: “Interestingly, there is also additional data about mainly foreign bank account holders, which includes information such as their Facebook and LinkedIn profiles, along with ‘friends’ associated through those social networks. This data doesn’t appear to have come directly from the bank itself, rather the perpetrator used the data held by the bank to then build up profiles of further targets.”
QNB is one of the Gulf state’s biggest banks operating in more than 27 countries with more than 15,300 employees.