QNB hack allegedly compromises Qatar's secret service data
The bank is investigating the alleged security incident, which may have exposed details of 1,200 customers
Qatar National Bank (QNB) has allegedly been hacked, with the names and passwords of 1,200 customers potentially exposed.
QNB said on Tuesday that it was investigating the alleged incident, reports Middle East Eye, which is claimed to have led to 1.4 GB of documents and information relating to people and organisations with the bank anonymously leaked online. Alongside the 1,200 customers whose personal information has been potentially compromised, the leak may also include files related to Qatar's secret service and security apparatus.
Calling news of the attack 'social media speculation' in a statement posted online, QNB said: "QNB Group places the highest priority on data security and deploying the strongest measures possible to ensure the integrity of our customers' information. QNB is further investigating this matter in coordination with all concerned parties. Thank you for your cooperation and understanding."
The leaked file is split into subfolders with labels such as 'Al Jazeera', 'Defence and etc', and 'SPY, Intelligence'.
Kevin Bocek, chief security strategist at Venafi, said: "Banks worldwide rely on sophisticated authentication technology which includes digital certificates, so while there's little word yet on how the Qatari National Bank's records were compromised, the fact that the attackers seemed to target specific accounts indicates that this could be a classic case of privileged access abuse the use of certain certificates to appear genuine and gain access.
"Criminals want to gain trusted status and go undetected for long periods, which makes certificates and cryptographic keys a prime target," Bocek continued. "Understanding how this system of digital trust that depend on certificates was breached, and protecting it going forward, will be imperative to secure the global banking system."
Digital Risk Report 2020
A global view into the impact of digital transformation on risk and security managementDownload now
6 ways your business could suffer if you don’t backup Office 365
Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for goodDownload now
Get the best out of your workforce
7 steps to unleashing their true potential with robotic process automationDownload now
8 digital best practices for IT professionals
Don't leave anything to chance when going digitalDownload now