UAE InvestBank Got Hacked, Almost 100k Recycled Data Leaked
A file of 10 gigabytes that holding the responsive financial data which cooperated from an InvestBank in the United Arab Emirates(UAE) that has been leaked. The file holds the information about the tens of thousands of users from a bank that is based in Sharjah.
- The dump data shows of information tied to InvestBank's systems, including SQL databases and some backup folders.
- Customer data included in the leak includes copies of ID documents, photographs of individuals, documents relating to land purchases.
- nearly 100,000 credit card numbers, including expiry dates in clear text
The data displays that there are folders which are known as ‘Account Master', ‘Customer Master', and ‘Branch Master' beside with the spreadsheets, PDF files as well as a number of images from the inside database of the bank.
One more folded entitled ‘Cards' includes about 20,000 card numbers as well as one more folder that has 3,000 specific bank statements, all watermarked with the InvestBank logo. A ‘passports' folder includes scanned insurance cards, passports, ID cards, a number of equivalent pictures of customers as well as the full data of one InvestBank employee.
BankInfoSecurity is testing the data dump as well as so far away that has discovered the genuine amount of credit card data that revealed is close to 100,000 records. Termination dates are seen but the pin codes, as well as passwords, seem to be encrypted.
Hackers of this attacks, the ‘Bozkurt Hackers', are connected to the QNB (Qatar National Bank) attack that obtains the place before two weeks. Reports recommend that the newest reveal is the similar data that is stolen by attackers late last year in December 2015.
Gord Boyce who is the chief executive at FinalCode said, “While it is possibly the same group behind both the Qatar National Bank and InvestBank UAE data leaks, it would appear that the objective is to cause reputational damage. Whether the criminals plan to use the customer and employee credit card, bank statement, passport, ID and insurance card details they leaked for fraud or not, the fact that this sensitive information is now available online is disturbing.”
A Twitter account which is utilizing the Bozkurt Hackers name placed a link to the data of InvestBank on 6 May saying, “Full DB and files from InvestBank UAE” with a connection to the zip file that has been deleted.