Senior Staff Writer

Examining the leaked passwords and PINs from Qatar National Bank

Apr 27, 2016 · 2 mins
Cybercrime, Data Breach, Security

Those accused of being spies make common, careless password mistakes

A 500MB file, published by Cryptome on Tuesday and said to be sourced from Qatar National Bank (QNB), contains thousands of sensitive financial records and client details.

Also included with the leak are records of high-profile individuals, journalists, and some who are accused of being spies. In all, the breach exposed 1.4 GB of data (15,460 files).

In a statement, QNB wouldn’t confirm that a data breach has taken place. Instead the bank said they’re investigating the “matter in coordination with all concerned parties.”

Those responsible for the leaked QNB data remain unknown, as do their motives. Based on the targeted profile information, which includes passwords, pictures, banking records, and social media data, the breach could be the work of a malicious insider, or a criminal who had persistent access to the bank and could take their time to target individuals.

As mentioned, there are more than a hundred records included with the leaked data containing information on high-profile individuals, some of whom are accused of being spies. Most of the records include PIN details and passwords, as well as the security questions and answers used for banking.

The passwords, even those used by alleged spies, are weak to say the least. There were only three passwords that used special characters. The longest password of the bunch was 13 characters long (mission060612). A full breakdown of the leaked passwords is below.

As for PIN data, that breakdown is below as well. It’s important to note, however, that the common PINs exist for two reasons: (1) two people selected the same PIN, or (2) the same PIN was used on multiple cards issued to a single person.

Thanks to Per Thorsheim, founder of PasswordsCon, for suggesting the data breakdown. Data compiled and sorted using Pipal (created by Robin Wood) and Passpal by T. Alexander Lystad.
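The kind of breakdown described above, as an added Python example for auditing a credential set you are responsible for: password length and special-character counts, plus repeated PINs split by the two causes the article names. It is not Pipal or Passpal and not code from the article; the records, holder and card ids, and function names are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample records: (holder_id, card_id, password, pin). Not from the leak.
RECORDS = [
    ("h1", "c1", "summer2015", "1234"),
    ("h1", "c2", "summer2015", "1234"),  # same holder, second card, same PIN
    ("h2", "c3", "P@ssw0rd!", "1234"),   # different holder, same PIN
    ("h3", "c4", "qatar123", "8520"),
    ("h4", "c5", "football", "8520"),    # different holder, same PIN
    ("h5", "c6", "Doha#2016", "4471"),
    ("h5", "c7", "Doha#2016", "4471"),   # same holder only
]

def has_special(pw):
    """True if the password contains anything other than letters and digits."""
    return any(not ch.isalnum() for ch in pw)

def password_breakdown(records):
    """Length and special-character statistics, counting each holder's password once."""
    pws = sorted({(holder, pw) for holder, _, pw, _ in records})
    lengths = Counter(len(pw) for _, pw in pws)
    return {
        "total": len(pws),
        "with_special": sum(has_special(pw) for _, pw in pws),
        "max_length": max(lengths),
        "lengths": dict(lengths),
    }

def shared_pins(records):
    """Classify every PIN seen on two or more cards by why it repeats."""
    cards_per_holder = defaultdict(Counter)  # pin -> holder -> number of cards
    for holder, _, _, pin in records:
        cards_per_holder[pin][holder] += 1
    result = {}
    for pin, by_holder in cards_per_holder.items():
        if sum(by_holder.values()) < 2:
            continue  # PIN appears on a single card, not a repeat
        result[pin] = {
            # cause (1): two or more people selected the same PIN
            "different_holders": len(by_holder) > 1,
            # cause (2): one person used the PIN on multiple cards
            "reused_across_cards": any(n > 1 for n in by_holder.values()),
        }
    return result

if __name__ == "__main__":
    print(password_breakdown(RECORDS))
    print(shared_pins(RECORDS))
```

Separating the two causes matters when reading a "most common PINs" table: a PIN repeated only within one holder's cards says nothing about how popular that PIN is across the customer base.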