A cyber-attack on Al-Qard al-Hasan financial institution, which is affiliated with Lebanon’s Hezbollah, and the publication of the data of depositors and borrowers, stirred confusion among clients, despite the institution’s denial that the hackers had access to internal data or accounts.
A hacker under the name of Spiderz managed to penetrate some of the accounts of Al-Qard Al-Hasan and released the names of alleged banks and citizens who had accounts at the financial institution and disclosed the number of accounts, addresses and phone numbers.
The cyber-attack came a few months after the association’s launch of an automated teller service (ATM) in its branches in the southern suburbs of Beirut, a Hezbollah stronghold. This encouraged some people to place their financial deposits in an institution that is not subject to the Lebanese banking system.
The association downplayed the cyber-attack, denying that the hackers had access to any confidential information. Its spokesman said that the hacking affected the external network, without reaching the internal system, which includes the numbers of deposits, the value of loans and other information. He stressed that the internal network was secure and could not be accessed.
Al-Qard al-Hasan is considered one of Hezbollah’s most prominent economic institutions. It has 31 different branches, most of which are located in areas inhabited by a Shiite majority. The institution is not subject to the Lebanese banking system.
In April 2016, the US Treasury Department included Al-Qard al-Hasan on its sanctions list (based on a 2015 legislation). Three years later, the association opened two accounts to transfer donations to the flood victims in Iran by the Iranian Red Crescent and the Hezbollah Imdad Association.
