QNB hack allegedly compromises Qatar's secret service data

The bank is investigating the alleged security incident, which may have exposed details of 1,200 customers

Hacker

Qatar National Bank (QNB) has allegedly been hacked, with the names and passwords of 1,200 customers potentially exposed.

QNB said on Tuesday that it was investigating the alleged incident, reports Middle East Eye, which is claimed to have led to 1.4 GB of documents and information relating to people and organisations with the bank anonymously leaked online. Alongside the 1,200 customers whose personal information has been potentially compromised, the leak may also include files related to Qatar's secret service and security apparatus. 

Advertisement - Article continues below

Calling news of the attack 'social media speculation' in a statement posted online, QNB said: "QNB Group places the highest priority on data security and deploying the strongest measures possible to ensure the integrity of our customers' information. QNB is further investigating this matter in coordination with all concerned parties. Thank you for your cooperation and understanding."

The leaked file is split into subfolders with labels such as 'Al Jazeera', 'Defence and etc', and 'SPY, Intelligence'.

Kevin Bocek, chief security strategist at Venafi, said: "Banks worldwide rely on sophisticated authentication technology which includes digital certificates, so while there's little word yet on how the Qatari National Bank's records were compromised, the fact that the attackers seemed to target specific accounts indicates that this could be a classic case of privileged access abuse the use of certain certificates to appear genuine and gain access.

Advertisement
Advertisement - Article continues below

"Criminals want to gain trusted status and go undetected for long periods, which makes certificates and cryptographic keys a prime target," Bocek continued. "Understanding how this system of digital trust that depend on certificates was breached, and protecting it going forward, will be imperative to secure the global banking system."

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020
Visit/software/operating-systems/355080/internal-docs-show-apple-is-aware-of-ios-13-hotspot-disconnect
operating systems

Report: Apple is aware of iOS 13 hotspot disconnect issue

23 Mar 2020
Visit/security/data-breaches/355097/ge-employees-hit-by-canon-data-breach
data breaches

General Electric employees hit by Canon data breach

24 Mar 2020
Visit/security/cyber-security/355089/hackers-hit-windows-with-another-bug
cyber security

Hackers expose yet another Windows 10 vulnerability

23 Mar 2020