[BreachExchange] Hackers behind Qatar National Bank set to leak data from 'another big bank'

[Inga Goddijn]

http://www.ibtimes.co.uk/hackers-behind-qatar-national-bank-set-leak-data-another-big-bank-1558120

The hackers behind the Qatar National Bank (QNB) data breach, which
involved the leak of 1.4 GB of sensitive information, have reportedly
threatened to leak more data from yet another bank. According to a
Kaspersky Lab security researcher, the hacker group is slated to leak more
data in the coming days.

Mohammad Amin Hasbini, a senior security analyst at Kaspersky Lab Middle
East, Turkey and Africa, told the Gulf News
<http://gulfnews.com/business/sectors/technology/qnb-hackers-to-leak-more-data-of-another-big-bank-soon-1.1816979>
that there is an imminent threat of more data leaks from the hacker group
behind the QNB breach. "They have announced that they are going to release
data from another big bank dating back to 2001. This data could be used for
ransomware. They have said they are going to make it public, either today
or tomorrow. We are monitoring it," he added.

Turkish group Bozkurtlar
<http://www.ibtimes.co.uk/qatar-national-bank-leak-security-experts-hint-sql-injection-used-database-hack-1557069>,
also known as Grey Wolves claimed responsibility of the QNB hack in a video
which it posted online. "We are the ones who hacked the Qatar National Bank
and more," a user behind a Twitter account (@bozkurthackers) told *IBTimes
UK*. The Twitter account has since been suspended.

There is still uncertainty involving the motive for the QNB hack, especially
given that the hackers are yet to make any financial demands. According to
Hasbini, there may be a possibility of the cyberattack being related to the
complex geopolitical situation in the region.

The Qatar National Bank data breach saw thousands of sensitive customer
data, including customers' names, addresses, passwords and credit card
information, leaked onto a file-sharing website. In addition to customer
data, the data dump also included information on al Jazeera
journalists and intelligence
data on British
<http://www.ibtimes.co.uk/qatar-national-bank-1-4gb-database-leak-gives-data-customers-journalists-spies-1556787>
agents. The files have since been removed, however, a separate,
easy-to-access whistle-blowing site later posted the same information on
its website.

Despite the hackers threat to target more banks and leak data, reports of
additional breaches are yet to emerge.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160504/1193e424/attachment.html>