Official: QNB hack not 'significant,' but still spurred changes in Qatar

Qatar Central Bank Governor Sheikh Abdulla Bin Saoud Al-Thani

Seeking to downplay the effects of a massive data breach at one of Qatar’s largest banks earlier this year, a top official has said the incident was not “significant.”

However, the government is still working to boost its cyber security in the aftermath of the hack, Qatar Central Bank (QCB) Governor Sheikh Abdullah Bin Sauod Al-Thani added in a lecture yesterday.

He made the comments while speaking about cyber security and financial security at Carnegie Mellon University in Qatar (CMU-Q).

In April, the personal and banking details of up to 400,000 individuals and companies were uploaded to file-sharing websites in what one expert called Qatar’s largest data leak.

The information included mobile phone numbers, details of international bank transactions, online passwords and credit cards numbers, many from QNB customers.

At the time, QNB said the attack was against the company’s reputation and not the bank’s clients.

In response to a question about the attack yesterday, Al-Thani said:

“I don’t think the incident attracted any attention. It’s a challenge and we will not stop trying to protect the banking sector. If you see it in banks, these (attacks) are happening daily, it’s normal.

But we’re trying to improve the system. I don’t think it was significant but for the future, we’re taking extra measures – not just in the banking sector, but with other sectors too because any attack could also affect the economy as a whole and its growth.”

Lessons learned

According to the official, a Financial Stability and Risk Control committee is in place to coordinate between the QCB and all of Qatar’s banks.

The committee meets on a quarterly basis. It assess potential dangers facing banking activities, businesses, services and financial markets, and strategizes when necessary.

Al Thani added that any mobile banking or financial service that is offered in Qatar must have QCB approval before implementation.

However, regulations and policies are not enough, he said.

“As regulators, we say we’re not immune, but we still have to do our homework and keep up with the system.”

“It’s not only the banking sector that we have to protect. We have commercial, real estate, and many more and they all need to be protected because we have investors in the market,” he added.

Thoughts?