Alleged QNB hack exposes personal data of Qatar residents

Photo for illustrative purposes only.

Elysia Windrum

Photo for illustrative purposes only.

The names, phone numbers, bank passwords and other sensitive information of what appears to be a large number of Qatar National Bank (QNB) customers has been leaked on a file-sharing website and is spreading rapidly through social media.

Among those affected are journalists and staff with the Qatar-based Al Jazeera Media Network.

The leak also includes files that purport to contain information about Qatar secret service agents and staff at other local banks, police, security and members of the country’s ruling family.

It is unclear who leaked the information or why.

The 1.4GB file that was uploaded online today contains nine main folders, some of which are named “Al Jazeera,” “Al Thani,” “Defence and etc,” “SPY, Intelligence,” and “Mukhabarat,” which is Qatar’s intelligence service.

Screen shot of file directory of leaked files

Doha News

Screen shot of the file directory of the leaked files

In a statement on its website today, QNB said:

“It is QNB Group policy not to comment on reports circulated via social media. QNB would like to take this opportunity to assure all concerned that there is no financial impact on our clients or the Bank.”

It added that it was deploying “the strongest measures possible to ensure the integrity of our customers’ information” and that it will further investigate the matter “with all concerned parties.”

Al Jazeera details

The Al Jazeera folder contains 29 separate files on staff members, while a spreadsheet includes the personal details of more than 1,200 people and organizations.

Photo for illustrative purposes only.

Paul Keller/Flickr

Photo for illustrative purposes only.

A number of Al Jazeera staff told Doha News that much of the data contained in their section of the files is correct.

Gordon Hickey, who left Al Jazeera English last July, told Doha News that a friend had called him this afternoon to tell him that his bank account and passwords were available on a public website – and that he had the word “SPY” attached to his folder.

“He was kind of joking, but he did ask whether I was a spy,” Hickey said. “This could have serious implications for me traveling. It’s not a nice thing.”

Hickey – who has now changed all of his passwords – expressed surprise that the data included his Twitter account details, as well as his bank account number and passwords.

Meanwhile, one beIN staffer said she only found out about the leak when she was contacted by Doha News.

She said that this morning, she received a text message saying someone had tried to access her QNB account without her permission. She added that she called QNB to ask what had happened, but was assured that there was no cause for alarm.

Photo for illustrative purposes only.

Nick Olejniczak/Flickr

Photo for illustrative purposes only.

She told Doha News that she was very worried about whether anyone else had managed to take money out of her account, and was also concerned about the label “SPY” that appeared next to her name.

“Why didn’t the bank tell me about this? And what do I do now to stop people seeing this data?” she said.

Another Al Jazeera journalist, Bernard Smith, said he discovered the leaked files this afternoon and called QNB.

“The details they had for me were mostly correct – I had changed my credit cards just a few months ago after losing them, but other information such as my passwords and contact details were all accurate.

I was very shocked to see my details online.”

Smith said that the QNB representative he spoke to confirmed the bank was aware of the data breach, but not the scale of it.

Other Al Jazeera staffers who did not wish to be named similarly confirmed that the majority of their details were accurate, although some information such as phone numbers and other data were either incorrect or out-of-date, they added.

However, one journalist featured in the Al Jazeera folder told us that he was not a QNB customer.

Social media links

The documents do not only include bank account details and passwords, but also photographs of the affected people and links to their social media accounts on Twitter, Facebook and LinkedIn.

Photo for illustrative purposes only.

Shehan Peruma/Flickr

Photo for illustrative purposes only.

In the file marked “SPY, Intelligence,” there are also photographs and Facebook accounts of their family members.

Speaking to IBTimes, Simon Edwards, cybersecurity expert with Trend Micro, said this data likely did not come from QNB:

“Rather, the perpetrator used the data held by the bank to then build up profiles of further targets.”

Meanwhile, the files also identify one man as “Defence, SPY (MI6),” alongside social media links to what the files suggest are his spouse and his friends, and family photos. MI6 is the UK’s foreign intelligence agency.

And in a file marked “Mukhabarat,” there are the personal details of 562 people, supposedly members of Qatar’s intelligence service.

Finally, the “Defense” folder contains 42 separate sub-folders with details marked as being part of Qatar’s “Ministry of Defense,” “Defense,” and “United Army.”

Thoughts?

Please read our Comments Policy before joining the discussion. By commenting, you agree to abide by it.

Some comments may not be automatically published. This is not action taken by us, but instead, depending on whether or not you have verified your email address, or if your post triggers automatic flags.