Alleged Turkish hackers hacked into the Qatar National Bank on 26th April 2016. 1.4GB of sensitive data were leaked as a result of this breach, containing 15,460 documents of personal banking info as well as intelligence reports related to MI6 (Haran & Ross, 2016). QNB claimed on their website that “there is no financial impact on our clients or the bank”, as cited by Haran and Ross (2016), but it is clear that significant damage has been dealt to its clientele as Haran and Ross (2016) were able to login to other people’s accounts (though they were stopped by 2FA). QNB’s response to this breach was very generic and that they would investigate the attacks in cooperation with the other affected parties. Details on how the data was stolen is still unknown, but the most popular theory was that the user information was stored unencrypted which made it trivially easy to copy said data and utilize it for other purposes.
EHTERAZ, the Qatar government’s solution to tracking COVID-19 infected patients, had a major security flaw which was discovered by Amnesty International’s Security Lab. The bug allowed any potential hacker to access highly sensitive data such as Qatari citizen’s and resident’s names, their passport numbers, Qatar ID numbers, their current location, and their health status. This was made doubly worse by the fact that Qatar had made it compulsory to install the app and was punishable by law if not followed. Fortunately, Qatar had responded quickly to the situation and fixed it within a day (Amnesty International, 2020).
Haran, V., & Ross, R. (2016, April 26). Qatar National Bank suffers massive breach. Bank Information Security. https://www.bankinfosecurity.com/qatar-national-bank-suffers-massive-breach-a-9068
Major security flaw uncovered in Qatar’s contact tracing app. Amnesty International. (2020, May 26). https://www.amnesty.org/en/latest/news/2020/05/qatar-covid19-contact-tracing-app-security-flaw/
https://www.cyberlands.io/topsecuritybreachesqatar
https://dohanews.co/15-million-cyber-threats-targeting-qatar-blocked-this-year-report/