Combat 18 Canada
| Primary URL | Location | Industry | nationalsocialistparty[.]ca |
Country
Canada
|
Undetermined
|
|---|
Profile
Combat 18 Canada, operating under that alias, is identified as a neo‑Nazi extremist organization with its headquarters situated in Canada. The group maintains an online presence through an official website that was used for member registration and administrative functions, as evidenced by the databases exposed in a 2014 security incident. This website also incorporated a WordPress installation, indicating the use of a widely deployed content‑management platform for publishing and site management. Public sources do not provide specific figures regarding the organization's membership size, geographic reach, or financial resources. The organization's ideological orientation is described in the breach report as neo‑Nazi, reflecting extremist white‑supremacist beliefs. No additional details about leadership structure, funding sources, or affiliated chapters are disclosed in the available material.
On February 13, 2014, the group's website was subjected to a basic SQL injection attack carried out by an individual using the handle @SQLiNairb. The attacker successfully exfiltrated data from five separate databases, which collectively contained over 1,300 user accounts comprising email addresses, passwords, and administrative login credentials. A portion of the stolen information was posted on the public paste site Pastebin, while a complete archive was subsequently uploaded to the file‑sharing service MirrorCreator. Alongside the leaked data, the attacker left a message that explicitly condemned the organization's neo‑Nazi ideology and mocked its perceived security shortcomings. The exposure of the internal authentication systems rendered the group's operational security compromised and jeopardized the anonymity of its members. Because the leaked databases included member registration details, the breach potentially enabled third parties to associate specific email addresses with individuals linked to the extremist collective. The incident was documented and summarized by the data breach tracking website databreaches.net, which provided a timeline of the attack and its aftermath. No publicly available records indicate whether the organization undertook remedial measures, such as resetting passwords or migrating to a more secure platform, following the breach.
