Cyber Incident Victim: Blood and Honour Canada
Date:
Feb 2014
Location:
Canada
Summary
A hacker using the alias @SQLiNairb compromised The National-Socialist Party of Canada's website through a basic MySQL injection attack, exfiltrating and publicly leaking extensive user and administrative credentials. The breach exposed 1,356 user accounts containing email addresses, usernames, and passwords, alongside encrypted MySQL credentials and non-email administrative login details. Partial data appeared on Pastebin accompanied by an anti-fascist message, while the full database dump—spanning multiple databases including internal organizational data—was later distributed via MirrorCreator. The attacker explicitly targeted the group for its extremist ideology, framing the leak as an act of retaliation against hate-based entities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On February 13, 2014, a hacker operating under the alias @SQLiNairb breached the official website of the National-Socialist Party of Canada (https://nspcanada.nfshost.com/) using a basic GET-based MySQL injection attack. The attacker extracted data from five databases: nspcanada, wordpress, wordpress2, mysql, and db_meinkampf_en. A partial dataset was initially published on Pastebin, accompanied by the message "Racists, fascists, and hate-mongers beware, nairb is here ;)". Subsequently, the full dataset was uploaded to MirrorCreator, comprising credentials for 1,356 user accounts with associated email addresses, administrative credentials lacking email addresses, and MySQL credentials with encrypted passwords. The leaked personal information included usernames, plaintext passwords, and email addresses.
The breach exposed the organization’s membership infrastructure, though the website primarily hosted informational content described as non-critical. No remediation efforts or responses from the National-Socialist Party of Canada were documented in the source material. The attacker’s actions exclusively targeted credential exfiltration and public disclosure, with no evidence of further system manipulation or secondary attacks. The leak rendered all compromised credentials permanently exposed, eliminating their utility for authentication and exposing members to potential identification. The incident demonstrated the vulnerability of the group’s web infrastructure to elementary injection techniques despite hosting sensitive user data.