Hackers are already attempting to exploit the financial data leaked from the Qatar National Bank, IBTimes UK can reveal. A source, who spoke on condition of anonymity, said bank account information and social media platforms have both been targeted.
"There has already been three failed attempts to login to my [bank] account since yesterday," the source said. "I know this because I get a text message every time it happens."
The source added: "They got into my Twitter account - because I used the same password - and switched it to Arabic. Nothing was posted though and I've got control back. I got an email yesterday saying my Twitter account had been changed and it wasn't me."
In the data dump, it quickly became apparent the 'hacker' had collated some information taken from the bank into separate folders – purporting to list Al-Jazeera journalists and members of the Al-Thani Qatar Royal Family. As previously reported, these folders contained information such as social media accounts, personal photos and banking data.
Our source confirmed the QNB had been in contact since the leak was reported in the media. "The bank called me to tell me to reset my account username and password and [said] that no money will be lost," the source said. "I'm still waiting for someone more senior to call me back."
The data dump, mirrored in full by a well-known whistleblowing website, consisted of a hefty 1.4GB-worth of information and, once exclusively reported on by IBTimes UK, it caused an immediate reaction online. Upon inspection, the folders were listed as containing a significant amount of financial data, internal documentation and dossiers relating to security service agents compromised from the Qatar National Bank. This information remains largely unverified.
While many were initially sceptical about the legitimacy of the trove of sensitive information, multiple Al Jazeera sources have since come forward to confirm the data – including credit card records – is very real indeed. Now, 24 hours later, the information is reportedly already being used for malicious means. In the documents, it was a folder listed as 'SPY, Intelligence' that piqued the interest of many. On analysis, the document contained information that purported to be members of the Ministry of Defence, MI6 (the UK foreign intelligence service) and Qatar's security service which is known as the "Mukhabarat".
While our source was not in this folder, the title 'SPY' was indeed listed in the data entry alongside the source's name. "What's particularly annoying is this bloody spy tag," our contact said. "With some of the places I have to travel to that could be a real problem."
In response to the leak, a public relations officer told IBTimes UK: "It is QNB Group policy not to comment on reports circulated via social media." A full statement was then posted in full to the QNB's website.
This is only one example of the leaked content causing real-world problems for those included named in the breach – especially when listed with the insinuation of being a 'spy'. For customers of the bank, a number of the folders will be of concern. These include: "Account Master", "User Profile" and "Transactions" - some of which contain hundreds of thousands of data entries.