Celebrity “Doxxing” Scandal Sheds Light on Cyber Risk

Recently, news broke that the private information of a few unlucky celebrities and politicians was leaked online.  The data, which includes everything from bank statements to mortgage terms and car loans, was made available on a Russian website.

It’s unfortunate that well-known performers like Jay-Z, Beyonce, Britney Spears, and Kim Kardashian have had their information publicized, but the terms of Ms. Kardashian’s mortgage aren’t a topic of national security.  Victims of the leak also included Michelle Obama, Vice President Joe Biden, former Security of State Hillary Clinton, and Attorney General Eric Holder, and as a result, the FBI’s team of cyber officials is looking into the individuals behind the attack.

The “doxxing” behind the attack

According to investigators, these cyber attacks were not necessarily “hacking” at all, but something called “doxxing.”  While hacking involves breaking into someone’s computer, doxxing is the act of identifying a person from one small bit of public information, such as an email address. The “doxer” then uses this email address to find phone numbers, residential addresses, or in this case, bank statements and loan information. Doxxing is legal as long as you only find publically available information, but it becomes illegal if you stalk the person through online chat services or hack into their online accounts to steal data.

And while residential addresses, mobile phone numbers, or documents filed with state or local authorities aren’t necessarily as sensitive as your checking account number, who among us would want this information posted publicly on the web?

Managing your information online

The divide between public and sensitive information is different for everyone. Celebrities like Jay-Z and Britney Spears might go to extremes to keep personal contact information (like a residential address) quiet, while few Americans would be surprised to hear that Michelle Obama’s residential address is on Pennsylvania Avenue.  Most of us share information with friends and relatives that celebrities would never dream of sharing publicly online, but doxxing still represents a threat as it is often a precursor to identity theft.

For those of us who aren’t international public figures, it’s still wise to be selective about which information we make available online.  You may not be able to avoid putting your residential address on your tax returns, but think carefully before adding this information to your Facebook or LinkedIn profile.  Don’t assume that limiting access to account details like contact information will protect you from doxxing attempts—if one of your friends’ accounts is hacked, or if the site itself changes its privacy policy, you might find that your personal information is exposed to the world.  For more peace of mind, McAfee All Access also allows users to monitor the privacy access levels of apps, helping to keep your sensitive information out of the public eye while scanning for malicious content.

Have you ever been the victim of a doxxing attack? Let us know your thoughts on this topic in the comments below, on Facebook, or on Twitter with @McAfeeConsumer.

Leave a Reply