A computer scientist has launched a website that allows any concerned customers of the Qatar National Bank (QNB) to check if their details are included within the 1.4GB trove of compromised financial data.
The tool was created by computer expert Carlos Castillo and is now live for anyone to use. "[In the leak] there is a table containing a list of a few hundred thousand supposed QNB customers, of which around 60K listed a primary e-mail address and about 360K listed a Qatar ID (QID). With this tool you can check if your e-mail is on that list and if your Qatar ID is on that list," Castillo states on the website.
IBTimes UK, which has reported extensively on the breach, has checked a number of the emails and National ID numbers from the data dump and is able to verify that, at the time of writing, the tool is working as promised.
The leak of data contained hundreds of thousands of records of customers including names, home addresses, credit card numbers, transaction logs and passwords. Additionally, dozens of separate files and folders consisted of what claimed to be information on Al-Jazeera journalists, the Al-Thani Royal Family and members of the country's security services.
IBTimes UK was able to independently verify a number of the records by contacting a number of people listed in the data dump and it was quickly confirmed that sensitive information – including credit card data – was real. The 'spy' and 'intelligence' folders, which purport to store details on the Qatari Ministry of Defence, the Air Force and UK's Mi6 remain unverified at this time.
Only 24 hours after the data was leaked online, IBTimes UK received first-hand reports hackers were already attempting to exploit the financial information. In the aftermath of the incident, security experts came forward to report that a so-called 'SQL injection' was most likely used by the hacker to extract the data from the bank. Meanwhile, the identity of the culprit remains unknown and no credible sources have yet come forward to claim responsibility for the attack.
The data was initially uploaded to Global-Files.net; however, it was quickly removed without warning. Then, a separate whistleblowing website mirrored the files on 25 April. IBTimes UK is not linking directly to the documents because, upon inspection, it contains exploitable financial data.
In response to questions from this publication, a QNB media relations officer said: "It is QNB Group policy not to comment on reports circulated via social media. QNB would like to take this opportunity to assure all concerned that there is no financial impact on our clients or the bank." Despite attempts to get further comment from the QNB, any further messages have been met with silence.