what I want to ask is that... when those mailicious people gain access to a database, do they just go for emails and passwords? I am sure there are other data such as creation dates, private messages, ssn, interests and more, are these exposed as well? do the mailicious people strip out these info before posting online?

why your site and other similar sites not have data classes for these other info?