Qatar Bank Breached After Bangladesh
It’s been quite the week for the banking industry with multiple headlining hacks occurring throughout the world with Qatar National Bank being the latest victim. With Doha News first reporting the hack, discovering the data on the data dump site Global-Files.net Cryptome has reposted the data dump since being deleted on Global-Files.net. The data dump included over 15,000 files with over 100,000 accounts, passwords and PINs. IBTimes UK confirmed the authenticity of the data and stated “When contacted, multiple sources confirmed to IBTimes UK the data is legitimate.”
As of the publishing of this blog, there have not been any groups or hackers come forward to claim responsibility for this data grab however the IP address used to access the QNB data has been revealed and seems to originate from Russia:
— Cryptome (@Cryptomeorg) April 26, 2016
Cryptome’s Twitter feed blew up with the news of the hack and the data cache:
Worth noting 2,289 downloads of the QNB ba_nk.zip from one source (likely more). pic.twitter.com/uxVJVD6IlT
— Cryptome (@Cryptomeorg) April 26, 2016
It quickly grabbed the data and dumped it onto its site available for all to see. There are now reports that some of the data also has been verified by the owners themselves. Per DohaNews and al-Jazeera, “Gordon Hickey, who left al-Jazeera English last July, told Doha News that a friend had called him this afternoon to tell him that his bank account and passwords were available on a public website – and that he had the word “SPY” attached to his folder. “He was kind of joking, but he did ask whether I was a spy,” Hickey said. “This could have serious implications for me traveling. It’s not a nice thing.” Hickey – who has now changed all of his passwords – expressed surprise that the data included his Twitter account details, as well as his bank account number and passwords.
Qatar National Bank Issued a statement today regarding the hack and dismissed the verified reports stating, “Referring to social media speculation in regard to an alleged data breach, it is QNB Group policy not to comment on reports circulated via social media.” It’s likely that QNB knows exactly what happened and are scrambling to find out what happened and to protect themselves from exposure to lawsuits that may be on the horizon. To possibly buy themselves more time, QNB released a short statement on their website, “
Referring to social media speculation in regard to an alleged data breach, it is QNB Group policy not to comment on reports circulated via social media. QNB would like to take this opportunity to assure all concerned that there is no financial impact on our clients or the Bank.
— QNB Group (@QNBGroup) April 27, 2016
The banks have really had a hard time this week, but it really comes down to effective cybersecurity. While we don’t know how the person or persons on the other side of the Russian IP address hacked into the Qatar National Bank, we know that Qatar National Bank failed to protect its customer’s data. Like the Bangladesh bank hack where a $10 router was used to “securely” route massive amounts of valuable data, the Qatar hack is showing the signs of something amiss and something not properly protected. While we don’t have these details yet, we feel that the truth will something similar to other incidents this week.
Other APS Posts
Bangladesh Bank Loses 80 Million USD
Ransomware Infects Android 4.x
Spotify Allegedly Hacked…Again
MedStar Health Cybersecurity Fails to Prevent Attack
Ransomware Locks MBR
Iranian hackers hit with Federal charges
Spear Phishermen Target Corporate W-2 Data
4 Things to Know About Ransomware
Ransomware Hits Mac Computers
Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
Be sure to subscribe to this blog and to our Podcast.
If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.