Breach Intelligence Report 03 Sep 2025

Creaders Column Breach: 45K Overseas Chinese Community Accounts Exposed

HEROIC
HEROIC Threat Intelligence Team
Email Address Password Hash
Your email may be in this breach. Check in 5 seconds — free, no signup required.
Scan Email →
Records Exposed 45,937
Source Type Database,Combolist
Origin Darkweb
Password Type bcrypt,MD5

DarkHive discovered a data breach affecting Creaders Column, a Canada-based column and essay platform serving the overseas Chinese community operating at column.creaders.net. The breach exposed 45,937 user records and was dated March 14, 2018. Leaked data included email addresses and passwords stored using an inconsistent mix of bcrypt and MD5 hashing. The mixed password storage indicates uneven security implementation on the platform, with MD5-hashed accounts particulary vulnerable to rapid cracking attacks.


Why This Is Dangerous

The presence of MD5 hashes alongside bcrypt in this breach means a significant portion of affected accounts are immediately vulnerable to GPU-accelerated password cracking. Overseas Chinese community members frequently maintain accounts across Chinese social media platforms, messaging apps like WeChat, and regional news and community sites where the same email and password combination is reused. Once MD5 passwords are cracked, attackers can test them against these platforms and any other service where the same credentials were used.


What Was Exposed

  • Email addresses
  • Passwords (mixed hashing: bcrypt and MD5)

Why This Matters

With nearly 46,000 records exposed, this breach represents a substantial data loss from a Chinese diaspora community platform. MD5-hashed passwords in this breach remain crackable with modern tools, meaning affected users who have not changed thier passwords since 2018 remain at risk today. Credential stuffing attacks powered by this breach can target Chinese-language platforms, email providers, and social media networks. The breach data has circulated in combolists targeting the overseas Chinese community and has been observed in credential trading channels since the incident occured.


How Database Breach Works

In a database breach, attackers exploit vulnerabilities in web application code, CMS plugins, or server configurations to extract stored user records. Community news and essay platforms serving diaspora communities often rely on legacy CMS infrastructure with infrequent security updates, making them particulary susceptible to exploitation. Once extracted, the MD5-hashed passwords are cracked using Hashcat and similar tools at billions of hashes per second. The recovered credentials are compiled into Chinese-community-focused combolists and tested against Chinese-language platforms and social media services in automated stuffing campaigns.


Check If You Are Affected

HEROIC offers a free identity scanner that checks your email address against thousands of known breach databases, including overseas Chinese community platform leaks like Creaders Column. If your credentials were exposed, you will recieve an alert with guidance on which accounts to secure immediately. Visit heroic.com to scan your email for free and protect your online accounts from credential-based attacks linked to this breach.

Breach Breakdown

Domain N/A
Leaked Data Email Address,Password Hash
Password Types bcrypt,MD5
Date Leaked 03 Sep 2025
Check in 5 seconds

45,937 passwords exposed. Is yours one of them?

Enter your email to scan this breach plus 400B+ other leaked records. If you're compromised, we'll show you exactly where and what to change.

All information submitted is Private and Secure. We do not sell or share email addresses. By searching, you agree to HEROIC's Privacy Policy and Terms of Service.

Free forever · No account required · Results in seconds

Private & Secure No Account Needed 3,218 scanned today
Breach Rank #5,584 by affected users
Impact Score
2
sensitivity + scale + recency
Est. Financial Impact $332.4K fraud, phishing & misuse risk
Scan your email Free →
Scan to sign up

Scan to sign up instantly

24/7 Dark Web Monitoring
Instant Breach Alerts
Secure Data Protection
Your Data is at Risk

Your Personal Information is Exposed

We found your data exposed in multiple breaches. This includes:

  • Email addresses
  • Passwords
  • Phone numbers
  • Financial information
Secure My Information Now

Your information is protected by enterprise-grade security

Your Breach Details

Date:
Severity:
Records Exposed:

Your Exposed Information

Your Risk Level

How This Affects You

Full Breach Details

Premium Insights

Unlock Critical Security Information

Create a free account to access:

  • Full Breach Impact Analysis
  • Identity Theft Risk Score
  • Exposed Credentials Details
  • Personalized Security Recommendations
Create Free Account

Identity Theft Risk Score

Risk Score: 8.7/10 - Critical

Data Exposure Analysis

Passwords Critical
Financial High
Personal Medium
Social High
Security Critical

Breach Timeline Analysis

March 2024 Multiple credentials exposed in recent data breach
January 2024 Password found in dark web marketplace
December 2023 Personal information leaked in major security incident

Security Recommendations

High Priority
Password Security

Critical: Change compromised passwords immediately and enable 2FA on all accounts

Important
Financial Protection

Monitor credit reports and set up fraud alerts with major credit bureaus

Recommended
Identity Protection

Enable advanced identity monitoring and dark web surveillance