Qatar National Bank admits data breach
Update: QNB confirms financial hack but reassures customers their accounts are safe
Qatar National Bank (QNB) has released a statement confirming that it was a victim to financial cyber-crime, which had the intent to target the bank's reputation.
Last week, the Register reported that documents containing names and passwords of QNB customers had surfaced on file-sharing site Global-Files.net, which had then been deleted. The 1.5 GB trove of leaked data allegedly included bank details, telephone numbers and dates of several journalists for satellite broadcaster Al-Jazeera, members of the ruling al-Thani family and government and defence officials.
The bank reassured its customers that there was no financial impact and that their accounts were secure, however the bank did not disclose how the systems were hacked, the identity of the hackers and what information was collected.
QNB's statement read:
"QNB group's risk team monitored abnormal activity in our system environment, this was immediately communicated to relevant authorities. We also took immediate steps and our systems are fully secure and operational. The attack only targeted a portion of Qatar based customers.
"While some of the data recently released in the public domain may be accurate, much of it was constructed and contains a mixture of information from the attack as well as other non-QNB sources, such as personal data from social media channels. We believe the nature of this incident is fundamentally an attempted attack on QNB Group's reputation and not specifically targeted at our customers.
"This incident will have no financial impact on QNB Group's customers. We are taking every measure to protect the privacy of our customers and have engaged an external third party expert to review all our systems to ensure no vulnerabilities exist.
"All our customers' accounts are secure, and as always, we encourage customers to be vigilant, taking the usual precautions of frequently changing their usernames and passwords through QNB Group internet banking. Our call centre is also available 24/7 and any concerned customer can speak to a representative if they have any inquiries regarding their accounts."
According to cyber security expert Simon Edwards from Trend Micro, "the attackers managed to obtain the data with an SQL injection attack, this gave them a large backup file containing the data they were after. Using an open source SQL injection tool they were able to extract all of the customer data they needed. Interestingly, the log file points to the exploitation having started almost 9 months previously (July ‘15)".
The bank's statement ended with: "We deeply regret any inconvenience this may have caused to our customers. We at QNB Group place the highest priority on data security and deploy the strongest measures possible to ensure we maintain your trust and the integrity of your information."
Related: Qatar National Bank ‘hacked'