Stolen UAE InvestBank, Qatar National Bank Data Sold on Dark Web

There may be a serious conflict between Qatar and the UAE (United Arab Emirates), but hackers see no difference, for them, it is all about making easy money. Today, one of’s researchers found out that around three Dark Web vendors are selling data belonging to customers from UAE InvestBank and Qatar National Bank.

It must be noted that both banks were hacked in 2016 and it is only now that their data is being sold on the Dark Web. To be precise, the UAE InvestBank was in May 2016 while Qatar National Bank (QNB) suffered a data breach in April 2016.

UAE InvestBank

In the Sharjah-based InvestBank’s case, a hacker leaked a 10GB file containing personal and financial details of customers and clients including thousands of records showing full names of account holders, addresses, passport numbers, phone numbers, account numbers, credit card numbers along with their CVV codes and other highly confidential data.

Screenshot from the data leaked by Buba in 2016

The data was stolen by a hacker calling himself “Hacker Buba.” He also demanded $3 million in ransom. However, the bank refused to pay the ransom after which the data was leaked on the Internet using Google Drive.

Screenshot from the leaked InvestBank files

Currently, the UAE InvestBank’s data is being sold on a popular Dark Web marketplace for only USD 22.80 (BTC 0.0071).

Screenshot from the listing where data is being sold

The data according to the sample data provided by the vendor includes bank accounts, bank beneficiaries, bank cards, bank customers, customer ids, branch codes, bank cards and full names of account holders.

Sample data uploaded by the vendor

Qatar National Bank

The Qatar National Bank also suffered a massive data breach in which 1.4GB of data from the database containing personal data of its customers was leaked. The dump included hundreds of thousands of financial records including credit card numbers and their PIN codes and customer transaction logs. Moreover, the hackers also claimed to leak banking details of the Al-Thani Qatar Royal Family and Al Jazeera journalists.

One of the leaked folders among the leaked data was labeled as “SPY” catching the eyes of anyone who had access to the leaked data. Upon scanning, it was found that there were financial details of what appears to be UK’s intelligence service MI6, Qatari Ministry of Defence and Qatar State Security Bureau “Mukhabarat.

Qatar National Bank acknowledged the breach after hackers released an inside video showing how they hacked bank’s servers. However, now the data is being sold on the Dark Web for  USD 22.80 (BTC 0.0071).

Screenshot from the listing where data is being sold

The sample data shows that the leaked records contain bank accounts, bank beneficiaries, bank cards and personal details of its customers.

Sample data uploaded by the vendor

This incident is similar to the LinkedIn (hacked in 2012), DropBox (hacked in 2012), and MySpace (hacked in 2013) who did a lot of damage to the users since they were using the same old passwords. However, in the case of these two banks, it is unclear whether the banks issued new credit cards to thousands of customers who were affected by these breaches.

Therefore, customers are urged to keep an eye on their banking card transactions and contact their respective banks in case of any suspicious activity.

DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

Related Posts