ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Pokémon Creed Data Breach

pokemoncreed.net
Limited exposure
Verified breach Passwords exposed
Accounts exposed 116,465
Breach date 08 Aug 2014
Added to tracker 10 Aug 2014
Data classes 6

What happened

In August 2014, the Pokémon RPG website Pokémon Creed was hacked after a dispute with rival site, Pokémon Dusk. In a post on Facebook, "Cruz Dusk" announced the hack then pasted the dumped MySQL database on pkmndusk.in. The breached data included over 116k usernames, email addresses and plain text passwords.

Exposed data

Email addresses Genders IP addresses Passwords Usernames Website activity

Recommended actions

  • Change your Pokémon Creed password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Pokémon Creed — attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP