Qatar National Bank, the largest lender in the Middle East and Africa by assets, is investigating an alleged security breach of data posted online this week that revealed the names and passwords of a large number of customers.
Qatar National Bank is probing reports of an online leak of confidential data of a large number of its customers, but has not confirmed it suffered a data breach, according to Reuters. Qatar-based Doha News reports say among the details leaked include names, passwords, and banking information of several Al-Jazeera journalists, “members of the ruling Al-Thani family” as well as government and defense officials.
Some 1.5GB of information was found online and Reuters reports seeing recent transactions of overseas remittances. Some of the account holders whose data is reportedly among the leaked files have verified the data was theirs.
Some files had pictures of account holders from Facebook and LinkedIn, according to the report on the anonymously leaked files.
QNB said it was investigating “social media speculation in regard to an alleged data breach” and would not comment on reports circulated via social media.
But it assured “all concerned that there is no financial impact on our clients or the bank.”
A copy of the leaked content seen by Reuters contained transaction data of QNB customers that showed overseas remittance data from as recently as August 2015.
One file contained information on what appeared to be 465,437 QNB accounts, although only a fraction of these accounts had anything resembling full account details.
There is no way to verify the authenticity of the vast trove of information. However, several known Qatari figures in the government and media whose names appeared on the list confirmed that their account details were accurate to Reuters.
Middle Eastern banks are attractive targets for cyber criminals because of the high levels of wealth in a region that has flourished in recent years due to buoyant hydrocarbon prices. Qatar is the richest country in the world on a per-capita basis, according to the World Bank.
The last major reported cyber attacks in the Gulf region was in 2013, when Oman’s Bank Muscat and National Bank of Ras Al Khaimah in the United Arab Emirates had $45 million stolen by hackers who targeted details of pre-paid debit cards held by a third-party services company.