Jordan’s major bank data stolen, claim hackers

Last updated: 27 May 2025
jordan kuwait bank data breach
Image by Cybernews

A major bank in Jordan has allegedly been hit by a ransomware attack. Hackers are threatening to release confidential data if the ransom is not paid.

Cybercriminals are claiming to have targeted Jordan Kuwait Bank (JKB), a major player in the Jordanian banking system.

Headquartered in Amman, the bank operates a domestic network of 64 branches and offices distributed throughout Jordan, as well as a branch in Cyprus. JKB is known for its digital infrastructure – it was the first bank in Jordan to introduce electronic delivery and service channels.

ADVERTISEMENT

According to a note posted on the dark website on May 26th, the Everest ransomware cartel stole the personal data of 1,003 JKB’s employees, and in total, 11.7GB of internal company data.

The gang gave JKB a five-day window (until May 31st) to make contact and negotiate. This is a standard operating procedure in the ransomware playbook to pressure victims into paying the ransom.

While there is no downloadable sample of the data, the gang shared screenshots of what look like employee profiles. While the shared sample does not include passport copies, it still exposes sensitive and private information.

JKB alleged data breach
Screenshot by Cybernews

What data was leaked?

  • Full names
  • Family details
  • Job titles
  • Dates of birth
  • Nationality
  • Work emails and phone extensions
  • Bank account details

Leaking employee profiles with PII, work details, and even partial banking information isn’t just a privacy violation – it’s a serious security risk. For affected individuals, it opens the door to identity theft, financial fraud, and targeted attacks.

But it doesn’t stop there. This kind of exposure can also be a backdoor threat to the company’s internal systems and banking infrastructure.

ADVERTISEMENT

“It enables threat actors to launch highly targeted phishing and social engineering attacks, and it could lead to the bank’s internal systems,” said the research team.

JKB alleged data breach
Screenshot by Cybernews

Family details add another layer of risk, as attackers can exploit family members or bypass security questions when trying to access the accounts. “For the bank, it's a potential threat to operational security, not a privacy issue,” add our researchers.

Cybernews has reached out to the bank for a comment, but a response has yet to be received.

JKB alleged data breach
Screenshot by Cybernews

What is Everest Group ransomware?

The Everest ransomware gang, allegedly tied to the Russia-linked BlackByte cartel, has been making moves since mid-2021.

Just this month, the gang claimed multinational soft drinks producer Coca-Cola. The gang allegedly stole nearly a thousand employees' data alongside confidential internal documents and released them on its website.

The gang was also behind the October 2022 attack on AT&T, offering alleged access to the entire AT&T corporate network. According to Cybernews’ dark web tracker Ransomlooker, the gang has listed 248 victims since 2023.

vilius Paulina Okunyte Ernestas Naprys Gintaras Radauskas
Don’t miss our latest stories on Google News.
Google News Follow us
ADVERTISEMENT
Share
Post
Share
Share
Share
More from Cybernews
Google may drop its latest devices at the end of this summer
Modern misogyny: AI advises women to seek lower salaries than men
Meta AI leak gave access to AI prompts and answers from other users
TikTok, AliExpress, and WeChat violate EU privacy laws, data protection group claims
Three-person IVF helps prevent inherited diseases, scientists say
China-linked hackers ramp up attacks on Taiwan’s chip industry, researchers report
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked