Security Research
Qatar National Bank Data Leak
In 2016, Qatar National Bank investigated a massive data leak. Attackers exploited an SQL injection flaw which led to 1.4Gb of data being leaked. Thousands of confidential documents with corporate and customer information(passwords, credit card numbers, account details, etc.) were uploaded to a file-sharing website, and later, they were removed. Due to two-factor authentication, any unrestricted access to bank accounts was avoided.
Luckily, there was no financial damage and the bank stated they would improve their systems.
Qatar News Agency Social Media Accounts Hacked
In 2017, Qatar’s news and government social media accounts were hacked which led to a “diplomatic crisis.” The hackers exploited a “cyber-bug” in the QNA website to gain illegal access. After using a VPN to access the QNA network, the hacker installed malicious programs to gain full control of the network. Several gulf states cut off ties with Qatar and accused the country of supporting Iran. The Qatari government reached out to the US for help after the security breach. After conducting an investigation, they identified that the hacking file was installed in April and it was later exploited in May to spread fake news. US intelligence officials identified that the UAE may have been involved in the operation; the UAE responded that they had no involvement.
Sources