Hezbollah lender hit by hackers exposing hundreds of accounts

The group behind the purported hack urged debtors to default on loans

epa08906905 A video grab taken from Hezbollah's al-Manar TV shows Hezbollah leader Sayyed Hassan Nasrallah during an interview with Al Mayadeen TV  in Beirut, Lebanon, 27 December 2020. Nasrallah spoke about the political situation in the Arab region after several countries started normalizing relations with Israel, about his relationship with the Iranian commander Suleimani, among other things.  EPA/AL-MANAR TV / HANDOUT  HANDOUT EDITORIAL USE ONLY/NO SALES

A Hezbollah-affiliated financial establishment has been hit by hackers who claim to have posted online records that would lay bare a complex financial network with thousands of clients across Lebanon.

A Hezbollah representative confirmed to The National that there had been a breach at Al Qard Al Hassan but said it was limited in scope. The official did not confirm the authenticity of the leaked databases, which The National couldn't verify independently.

Founded in the 1980s as a non-governmental organisation, Al Qard Al Hassan, which translates into Benevolent Loan, was subject to US sanctions in 2007. It provides various financial services including interest-free loans in US dollars.

It has lately attracted attention for its extensive network of ATMs in Hezbollah strongholds, and for providing dollar-denominated loans amid Lebanon’s worst economic and financial crisis in decades.

The leaked records include Al Qard Al Hassan’s customer database, financial statements and details of its accounts at Lebanese commercial banks, the hackers said.

In a video published online, the group, who go by the name of Spiderz, said they had hacked the lender’s servers and promised to disclose more information.

Lebanon - A year in pictures

One leaked record details over 200,000 outstanding loans as of December 2019. Another included what it said were account numbers for Qard Al Hassan accounts at several Lebanese banks, including Jamal Trust Bank, the Lebanese lender that was a target of US sanctions last year.

Several people listed on the data set confirmed they were customers with outstanding loans from Al Qard Al Hassan but could not verify the authenticity of the complete list.

"It could be a breach of Qard Al Hassan's servers or an employee's email, or simply a leak from an insider with access to the data," a senior Lebanese cyber security expert told The National. "It's impossible to tell at this stage."

The group behind the hack called on those with debts not to settle their loans and urged those with deposits to withdraw their money or risk losing it. The Hezbollah official, however, contested the calls and said deposits were safe.

Iran-backed Hezbollah has been the target of mounting US sanctions that recently hit some of its closest allies, including MP Gebran Bassil, the president’s son-in-law and leader of the largest Christian party in Parliament.

The sanctions have prompted Hezbollah and its supporters to harden their political stance, complicating negotiations to form a new Cabinet that commits to reforms including a forensic audit of the Central Bank, a prerequisite for international financial support for Lebanon.

Lebanon has been without a fully functioning Cabinet since the deadly explosion that ripped through Beirut port in August, killing about 200 people and forcing the government’s resignation.

The caretaker government has failed to bring in any of the major reforms demanded by the international community.

In a recent report, The Wall Street Journal said the US was considering sanctions against the Central Bank and senior officials over links to Hezbollah.