A computer scientist who used to live in Qatar has launched a new website for people to check if they are mentioned in last week’s data leak.
Personal and banking details of up to 400,000 individuals and companies were uploaded as part of the hack to file-sharing websites.
The data included mobile phone numbers, details of international bank transactions, online passwords and credit cards numbers, many from Qatar National Bank (QNB) customers.
To see if you are mentioned in the files, Carlos Castillo has created a website called Verifier that lets you input your QNB-linked email or Qatar ID number.
Qatar National Bank customers: check if your e-mail or QID appears in the leaked files: https://t.co/6DDbjpnfRO updated v2.1 #QNBHack #QNB
— @𝘾𝙝𝙖𝙏𝙤@tech.lgbt in Mastodon (@ChaToX) April 29, 2016
UPDATE: It appears censors have blocked the website, but it can be still be accessed via VPN.
In a message to Doha News, Castillo said he created the site to help out friends in Qatar who were worried about their data.
The former Qatar Computing Research Institute employee added that he is encrypting people’s data to add security during their search:
“Something important from my tool is that I’m hashing people’s data in their own browsers, i.e. before the e-mail or QID leaves their browser, it is converted into a string of letters and numbers that cannot be converted back to the original, but that is unique, in a way.
This allows (the information) to be checked against a list that has been transformed using the same process, without compromising anyone’s privacy and without hosting the plain text data myself.”
If your data is in the files, he recommends contacting QNB. For its part, the bank hasn’t commented on the leak since Tuesday, saying only that it is investigating.
It has privately reassured concerned customers that their has been no financial impact.
However, cyber security experts have advised QNB customers to change their passwords and PIN numbers, and cards if possible.
Others theorized that the leak was likely a “hacker’s cache” that was being collated to plan another attack. Many of the files shared could have been part of the hacker’s own research, and had nothing to do with QNB, they said.