ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Qatar National Bank Data Breach

qnb.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 88,678
Breach date 01 Jul 2015
Added to tracker 01 May 2016
Data classes 16

What happened

In July 2015, the Qatar National Bank suffered a data breach which exposed 15k documents totalling 1.4GB and detailing more than 100k accounts with passwords and PINs. The incident was made public some 9 months later in April 2016 when the documents appeared publicly on a file sharing site. Analysis of the breached data suggests the attack began by exploiting a SQL injection flaw in the bank's website.

Exposed data

Bank account numbers Customer feedback Dates of birth Financial transactions Genders Geographic locations Government issued IDs IP addresses Marital statuses Names Passwords Phone numbers Physical addresses PINs Security questions and answers Spoken languages

Recommended actions

  • Change your Qatar National Bank password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Monitor your bank and card statements closely and consider requesting a card replacement.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP