QNB hack allegedly compromises Qatar's secret service data

The bank is investigating the alleged security incident, which may have exposed details of 1,200 customers

Hacker

Qatar National Bank (QNB) has allegedly been hacked, with the names and passwords of 1,200 customers potentially exposed.

QNB said on Tuesday that it was investigating the alleged incident, reports Middle East Eye, which is claimed to have led to 1.4 GB of documents and information relating to people and organisations with the bank anonymously leaked online. Alongside the 1,200 customers whose personal information has been potentially compromised, the leak may also include files related to Qatar's secret service and security apparatus. 

Calling news of the attack 'social media speculation' in a statement posted online, QNB said: "QNB Group places the highest priority on data security and deploying the strongest measures possible to ensure the integrity of our customers' information. QNB is further investigating this matter in coordination with all concerned parties. Thank you for your cooperation and understanding."

The leaked file is split into subfolders with labels such as 'Al Jazeera', 'Defence and etc', and 'SPY, Intelligence'.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Kevin Bocek, chief security strategist at Venafi, said: "Banks worldwide rely on sophisticated authentication technology which includes digital certificates, so while there's little word yet on how the Qatari National Bank's records were compromised, the fact that the attackers seemed to target specific accounts indicates that this could be a classic case of privileged access abuse the use of certain certificates to appear genuine and gain access.

"Criminals want to gain trusted status and go undetected for long periods, which makes certificates and cryptographic keys a prime target," Bocek continued. "Understanding how this system of digital trust that depend on certificates was breached, and protecting it going forward, will be imperative to secure the global banking system."

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/mobile/mobile-phones/354222/samsung-sails-past-apples-market-share-despite-smartphone-market-slump
Mobile Phones

Samsung sails past Apple's market share despite smartphone market slump

28 Nov 2019
Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019
Visit/business-strategy/digital-transformation/354201/boston-dynamics-dog-like-robots-sniff-out-bombs-for
digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019