Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Qatar National Bank Says Systems ‘Fully Secure’ After Cyber Attack

Qatar National Bank Building

Qatar National Bank said that its systems are “fully secure” following a hacker attack that resulted in a large number of files allegedly stolen from the financial institution’s systems being leaked online.

Qatar National Bank Building

Qatar National Bank said that its systems are “fully secure” following a hacker attack that resulted in a large number of files allegedly stolen from the financial institution’s systems being leaked online.

In a statement published to its website on Sunday, the bank said the incident will have no financial impact on its customers.

The leaked data, currently available from Cryptome and other sources, was first distributed via Twitter using several accounts that tweeted a global-files.net link to news outlets, journalists and others.

The leaked information, totaling roughly 1.5 Gb in size, consists of more than 15,000 files. The data includes banking information, payment card details, email addresses, passwords, physical addresses, phone numbers, and QNB user profiles.

The user profiles, which in some cases contain photographs, were stored in folders whose names suggest that they are linked to government organizations, including intelligence agencies, in Qatar and other countries. One of the folders includes information on people working at Qatar-based media company Al Jazeera.

According to the bank, however some of the information leaked was pulled from “non-QNB sources”.

“While some of the data recently released in the public domain may be accurate, much of it was constructed and contains a mixture of information from the attack as well as other non-QNB sources, such as personal data from social media channels,” the statement read. 

“We believe the nature of this incident is fundamentally an attempted attack on QNB Group’s reputation and not specifically targeted at our customers,” the bank said.

Advertisement. Scroll to continue reading.

“All our customers’ accounts are secure, and as always, we encourage customers to be vigilant, taking the usual precautions of frequently changing their usernames and passwords through QNB Group internet banking.”

Established in 1964 as the country’s first Qatari-owned commercial bank, QNB Group reported profits of $787 million for the first quarter of 2016.

News of the breach at Qatar National Bank comes just weeks after Bangladesh’s central bank announced that cybercriminals managed to steal over $100 million from one of its accounts at the Federal Reserve Bank of New York. The bank managed to recover some of the money, but $81 million that were transferred to the Philippines are still missing.

British defense, security and aerospace company BAE Systems revealed last week that the attackers appear to have used custom malware that allowed them to conduct fraudulent transfers without being detected.

(Additional reporting by Eduard Kovacs)

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cloud Security

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.