Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Qatar National Bank Investigating Data Leak

The Qatar National Bank (QNB) has launched an investigation after someone leaked a large number of files allegedly stolen from the financial institution’s systems as a result of a hacker attack.

The Qatar National Bank (QNB) has launched an investigation after someone leaked a large number of files allegedly stolen from the financial institution’s systems as a result of a hacker attack.

The leaked data, currently available from Cryptome and other sources, was first distributed via Twitter using several accounts that tweeted a global-files.net link to news outlets, journalists and others.

The leaked information, totaling roughly 1.5 Gb in size, consists of more than 15,000 files. The data includes banking information, payment card details, email addresses, passwords, physical addresses, phone numbers, and QNB user profiles.

The user profiles, which in some cases contain photographs, are stored in folders whose names suggest that they are linked to government organizations, including intelligence agencies, in Qatar and other countries. One of the folders includes information on people working at Qatar-based media company Al Jazeera.

Folders found in QNB leak

Security experts who analyzed the data said they believe it originates from QNB systems. Some speculated that the files might have been stolen by an insider.

In a statement published on Tuesday, QNB said it launched an investigation in coordination with “all concerned parties.”

“Referring to social media speculation in regard to an alleged data breach, it is QNB Group policy not to comment on reports circulated via social media. QNB would like to take this opportunity to assure all concerned that there is no financial impact on our clients or the Bank,” the bank said. “QNB Group places the highest priority on data security and deploying the strongest measures possible to ensure the integrity of our customers’ information.”

The news that the Qatar National Bank might have suffered a data breach comes just weeks after Bangladesh’s central bank announced that cybercriminals managed to steal over $100 million from one of its accounts at the Federal Reserve Bank of New York. The bank managed to recover some of the money, but $81 million that were transferred to the Philippines are still missing.

Advertisement. Scroll to continue reading.

British defense, security and aerospace company BAE Systems revealed this week that the attackers appear to have used custom malware that allowed them to conduct fraudulent transfers without being detected.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

Joe Levy has been appointed Sophos' permanent CEO, and Jim Dildine has been named the company's CFO.

CISA executive assistant director for cybersecurity Eric Goldstein is leaving the agency after more than three years.

More People On The Move

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Data Protection

Social media, use of mobile devices for business, and the economic downturn are posing serious challenges for organizations looking to keep confidential company and...