Doxxing Meaning: Risks, Prevention, and Legal Insights

Do you remember back in 2013, when Michelle Obama, Kim Kardashian, and Beyoncé were just a few of the at least 17 high-profile victims whose personal financial details were exposed online by hackers?

The politicians and stars of the entertainment world fell victim to doxxing. This means that hackers were able to breach their online security and gain access to their sensitive information. And this is just one example of the illegal act of doxxing.

It’s scary, and it’s not always preventable. However, there are steps you can take to protect your personal information.

Additionally, keeping domain registration information private and safeguarding your physical address are crucial steps in protecting your personal information from being exposed.

In this Mysterium VPN blog post, we’ll provide you with specific information on doxxing, reveal whether doxxing is illegal, how to prevent doxing, and what you should do if you’ve fallen victim.

What is Doxxing?

According to UC Berkley, doxxing is “the collection of a user’s private information across multiple platforms (including social media) by an unauthorized individual, who then publishes the information in an attempt to shame or embarrass the user.”

Since it’s most often done maliciously, as a result, it undermines the victim’s privacy, security, safety, and/or reputation.

The academic experts continue on how doxxing works: “It may be conducted by researching public databases, hacking, or through social engineering.  The term “doxxing” is derived from the phrase “dropping dox (documents)”.

One effective way to protect yourself is to hide domain registration information, which prevents your personal contact details from being publicly accessible through WHOIS lookups.

The term doxxing came from the hacker community in the 1990s, in the early years of the Internet.

Back then, it referred to when a group of hackers exposed the true identity of a fellow hacker with opposing viewpoints who violated the norms and unwritten rules of the hacker community, destroying their anonymity.

Doxxing and Identity Theft

Bad actors typically look for anything that can help them expose private information about someone. This includes but isn’t limited to:

• Real name;
• Contact information;
• Social Security number;
• Home address;
• Phone number;
• Employer;
• Credit card details;
• Bank account numbers;
• Personal photographs;
• Social media accounts.

It's also important to protect the details related to family members, as their information can be used by malicious actors to gain access to sensitive data or target individuals through their connections.

Types of Doxxing

Doxxing can take different forms depending on the target and intent behind the act. Broadly, there are two main types of doxxing: celebrity harassment and targeted doxxing.

Each comes with its own set of motivations and consequences.

Celebrity Harassment

Celebrities and other high-profile figures are prime targets for doxxing due to their public visibility.

These campaigns often aim to expose sensitive personal information, such as home addresses, phone numbers, or private photos, putting their safety and privacy at risk.

The consequences can be catastrophic—ranging from online harassment and stalking to physical harm or death threats. In many cases, celebrity doxxing is designed to humiliate or bully the individual.

The victims of such acts are left to deal with overwhelming public scrutiny, and the potential for real-world dangers as their personal lives are laid bare to the public.

Targeted Doxxing

Unlike celebrity harassment, targeted doxxing focuses on specific individuals, often for personal or ideological reasons.

The victim may be singled out as part of a coordinated cyberbullying campaign or due to personal vendettas. The doxxer may release information like the victim's address, workplace details, or contact information, enabling others to harass, intimidate, or threaten them.

In some instances, targeted doxxing is used as a form of control or revenge, particularly following relationship breakdowns.

This is known as technology-facilitated coercive control, where an individual’s personal details are weaponized to assert dominance or cause psychological harm.

The repercussions of targeted doxxing can be severe, leading to emotional distress, professional consequences, and even physical danger.

Risks and Dangers of Doxxing

Doxxing poses significant threats to individuals, both personally and financially, often leaving lasting consequences. The risks can be broadly categorized into identity theft, financial loss, and harassment and intimidation.

Identity Theft and Financial Loss

One of the most serious dangers of doxxing is its potential to facilitate identity theft.

When personal information is leaked online, it can quickly make its way to the dark web, where cybercriminals exploit it for illegal activities.

Sensitive details like Social Security numbers, bank account information, and credit card details are prime targets for fraudsters.

Once in the wrong hands, these details can be used for various malicious purposes, such as applying for bogus loans, committing credit card fraud, or executing other scams.

Victims may face financial ruin as cybercriminals exploit their stolen credentials to drain bank accounts or rack up debt in their name.

Harassment and Intimidation

The psychological and emotional toll of doxxing is immense. Victims are often left vulnerable to harassment, threats, and intimidation, creating a pervasive sense of fear and insecurity.

These actions can escalate to physical harm, further amplifying the danger.

Beyond personal impacts, doxxing also has a corrosive effect on society. It fosters lawlessness, fuels conflict, and undermines trust in public figures and institutions.

Doxxing is frequently used as a tool to intimidate or silence individuals, whether by threatening their safety, coercing them into compliance, or extorting money.

The combined financial, emotional, and societal consequences of doxxing make it a profoundly harmful act with far-reaching implications.

Doxxing: Prevention and Protection

Doxxing can have severe personal, financial, and psychological impacts, but there are numerous steps you can take to protect yourself. Here's a comprehensive guide to minimize your risk:

Use a VPN (Virtual Private Network)

• A VPN encrypts your internet traffic and masks your IP address and your internet service provider, making it harder for attackers to trace your online activities back to you.
• Choose a reputable VPN provider like Mysterium VPN that doesn’t log your data and offers strong encryption protocols.

Protect Your Private Information

• Limit what you share online: Avoid posting personal details like your full name, address, bank account details, phone number, or date of birth on social media or other public platforms.
• Use pseudonyms: When possible, use aliases or handles instead of your real name, especially on forums or social media accounts that don’t require legal identification.
• Separate personal and professional profiles: Keep your professional information (like LinkedIn) separate from personal social media accounts to minimize exposure to your publicly available information.

Secure Your Online Accounts

• Use strong, unique passwords for each account to prevent credential stuffing attacks. A password manager can help you manage them securely.
• Enable two-factor authentication (2FA) on all accounts, especially those containing sensitive data.
• Regularly review and update your account security settings.

Check and Manage Your Digital Footprint

• Search for your name and information online to identify what’s publicly accessible.
• Use tools like Google Alerts to get notified if your name or personal details are mentioned online.
• Contact websites or platforms to remove sensitive information (e.g., home addresses, phone numbers) that may have been shared without your consent.
• Consult your domain registrar to hide domain registration information, ensuring your personal contact details are not publicly accessible through WHOIS lookups.

Protect Your Devices

• Use antivirus software: Protect against malware that could extract personal information from your device.
• Enable firewalls: Prevent unauthorized access to your systems.
• Regularly update software and firmware to patch vulnerabilities that attackers might exploit.

Be Cautious with Public Wi-Fi

• Avoid accessing sensitive accounts or inputting personal information while on public Wi-Fi, as it can be easily intercepted.
• If you must use public Wi-Fi, always connect through a VPN.

Remove Yourself from Data Broker Sites

• Use opt-out tools or services to remove your personal data from data brokers and similar platforms that aggregate and sell your information.
• Consider services that automate this process to save time.

Be Aware of Phishing Scams

• Don’t click on suspicious links or download attachments from unknown sources.
• Verify the sender’s identity before responding to emails or messages requesting sensitive information.

Keep Social Media Accounts Private

• Review privacy settings and restrict who can view your social media posts, photos, and personal details.
• Avoid geotagging posts or sharing real-time locations.
• Regularly audit your friend or follower lists to ensure only trusted individuals have access to your content.
• Use a unique username, security questions, and strong passwords to protect yourself on social media services.

Protect Your IP Address

• Don’t join untrusted links or online forums where your IP address might be exposed.
• Use a VPN to mask your IP address or connect through a secure proxy.

Safeguard Your Physical Documents

• Shred sensitive physical documents, like bank statements or medical records, before discarding them.
• Avoid leaving important documents in publicly accessible places. Additionally, be cautious about sharing your physical address online or in public forums to prevent it from being used maliciously.

Stay Alert to Doxxing Tactics

• Understand how attackers gather information through phishing, social engineering, or scraping public profiles.
• If you receive suspicious emails, messages, or friend requests, scrutinize them carefully.

Monitor Your Financial Accounts

• Regularly check your bank statements and credit reports for any unauthorized transactions.
• Set up alerts for unusual activity on your financial accounts.

Consider Legal Protection

• Familiarize yourself with local anti-doxxing laws and other cybercrime-related legal repercussions.
• If you’re targeted, document evidence and report incidents to the appropriate authorities.

Educate Yourself and Others

• Stay informed about cybersecurity best practices and share this knowledge with family and friends.
• Create a culture of caution when sharing information online.

Responding to Doxxing

• Lock down your accounts: Increase the privacy settings on your social media profiles and any other accounts that may be impacted. Pay specific attention to your financial accounts. Change your passwords and enable two-factor authentication (2FA).
• Document the violation: Take screenshots or download pages where your information has been posted. If these are unavailable, document the date, time, and description of the information shared to aid in any future investigation.
• Report it: Report the attack to the platforms or services where your personal information has been posted.
• Turn to the people you trust: These attacks can be really stressful, and their fallout can be super time-consuming; consider asking for help if you need it.
• Engage law enforcement: If a doxxer makes actual personal threats against you or exposes non-public information without your explicit consent, contact your local police department for help.

Is Doxxing Illegal?

Let's take a look at the laws and regulations regarding doxxing and the protection of your private data worldwide.

United States

• Federal laws, such as the Interstate Communications Statute and the Interstate Stalking Statute, inadequately address doxing and are rarely enforced.
• Weak data privacy laws enable easy access to personal information through data brokers.
• Doxing incidents surged in 2023–2024, especially targeting politicians via swatting.

Australia

• In 2024, the government proposed legislation criminalizing doxing after a WhatsApp leak exposed the personal details of over 600 Jewish Australians, leading to threats and harassment.
• The legislation, supported across political lines and by Prime Minister Anthony Albanese, includes potential jail time for offenders.

Austria

• Anti-stalking laws (2006) and cyber-mobbing laws (2016) address online violence, though doxing is not explicitly criminalized.
• EU laws like DSGVO apply due to Austria's membership in the European Union.

Mainland China

• Since March 1, 2020, regulations prohibit doxing, online violence, deep forgery, and related activities.
• Platforms and users are held accountable for illegal online conduct under these rules.

Hong Kong

• Doxing became a criminal offense in 2021, punishable by up to 5 years in prison and fines.
• Defined as releasing private information to threaten, harass, or harm an individual.

Germany

• In 2021, doxing was criminalized under Section 126a of the Criminal Code, with penalties of up to three years in prison or fines.
• Exceptions exist for socially appropriate purposes, such as education, research, and journalism.

Netherlands

• A 2024 law criminalizes sharing personal data with intent to intimidate, harass, or hinder work, punishable by up to two years in prison or fines.
• Penalties increase for targeting public figures.

Russia

• Publicly sharing personal information is punishable under Article 137 by fines, compulsory labor, or imprisonment of up to two years.
• Separate offenses exist for illegally obtaining or copying personal data.

South Korea

• Article 49 prohibits unlawful collection or dissemination of private information identifiable in summation.
• Ambiguities in enforcement lead to reliance on defamation statutes, which carry harsher penalties.
• Law was partly enacted to address cyberbullying and its impact, such as celebrity suicides.

Spain

• Articles 197–201 of the Criminal Code penalize unauthorized access, use, or dissemination of personal data with up to five years in prison.
• Aggravated offenses include violations involving minors, economic gain, or sensitive data like ideology or health.
• 2015 reform added penalties for sharing private images or recordings without consent, particularly in domestic or affective relationships.

Conclusion

Now that you know what doxxing is, how it threatens your online security, and how you can protect yourself with common techniques, you're all good to go!

Stay safe, protect your personal details on the Internet, and turn on a VPN for good measure, will you?

‍