Another incident involved the banking industry, this time the Qatar National Bank (QNB) is investigating a major data leak. Several sources online, including Cryptome, have published a large number of files allegedly stolen from the systems at Qatar National Bank.
2/2 QNB hack: 15.4K docs, 1.4GB, most tiny, dozens big. Zip (431MB): https://t.co/R4jiU8iXEy (RU?) /@aljazeera______ pic.twitter.com/KXjI2ELvzi
— Cryptome (@Cryptomeorg) 25 aprile 2016
Security experts speculate that the precious archive might have been stolen by an insider.
“Referring to social media speculation in regard to an alleged data breach, it is QNB Group policy not to comment on reports circulated via social media. QNB would like to take this opportunity to assure all concerned that there is no financial impact on our clients or the Bank.” reads a statement published on Tuesday by the QNB. “QNB Group places the highest priority on data security and deploying the strongest measures possible to ensure the integrity of our customers’ information. QNB is further investigating this matter in coordination with all concerned parties.”
The 1.5 Gb archive was shared online by several Twitter accounts that published a global-files.net link.
The data leak includes more than 15,000 files containing banking information, QNB user profiles, payment card details, passwords, email addresses, physical addresses, and phone numbers.
Giving a look to the leaked archive we can notice that the user profiles are stored in folders likely linked to government organizations, including intelligence agencies., in Qatar and other countries. One of the folders includes information on people working at Qatar-based media company Al Jazeera.
A folder includes user profiles belonging to Banks/Organizations meanwhile another folder includes data belonging to Al Jazeera staffers.
Multiple sources who have reviewed the leaked data dump have confirmed the data appears to be genuine.
“One researcher, speaking on condition of anonymity, also confirmed that he had successfully used leaked customer internet banking credentials from the data dump to begin logging in to the customer’s account, purely for research purposes. But he said the bank’s systems then sent a one-time password to the customer’s registered mobile number, which would serve as a defense against any criminals who might now attempt to use the leaked data to commit fraud.” reported Bankinfosecurity.com.
The incident comes a few weeks after the Bangladesh’s central bank cyber heist, a couple of days ago the security firm BAE Systems published a report that revealed the involvement of a custom malware attack in the data breach.
(Security Affairs – Qatar National Bank, banking)