Doxxing – The Weaponisation of Personal Data

Understanding the Risks of Doxxing and Data Misuse

In recent years, the public has become increasingly aware of the value of personal data. The rise of social media, repeated data breaches, and incidents like the Facebook Cambridge Analytica scandal have exposed how much personal information is available online and how it can be exploited.

Data has become a highly valuable commodity—not just for financial gain but also for harassment and intimidation. This is particularly evident in the rise of doxxing.

Doxxing is the practice of researching and publishing someone’s personal information to embarrass, harass, or expose them to legal action. It has become a serious online threat and has ruined lives.

The term “dox” originated over a decade ago, initially used by hackers to retaliate against rivals by exposing private information and alerting authorities. Today, doxxing has become widespread. With the vast amounts of personal information online, anyone can be targeted.

Although ethically questionable, doxxing isn’t illegal if the information is publicly available. It becomes illegal when obtained through hacking. Laws may evolve as doxxing increasingly becomes a tool to discredit individuals, governments, and institutions.

The Weaponisation of Data

A concerning trend is the use of personal data for politically motivated attacks. For example, the hacktivist group Anonymous once exposed the information of over 7,000 law enforcement officials. High-profile attacks have included the 2014 Sony Pictures hack, where North Korean hackers published sensitive corporate data, causing $41 million in damages.

More recently, in Hong Kong, both protesters and government supporters have doxxed each other, highlighting the severe consequences and growing prevalence of these attacks.

How to Avoid Being Doxxed

Doxxing affects not just celebrities or politicians but ordinary individuals as well. To protect yourself, consider these preventative measures:

1. Use a VPN – Encrypt your internet traffic and hide your IP address to protect your location.
2. Avoid single sign-on buttons – Using “Login with Google/Facebook” can expose personal information linked to your accounts.
3. Keep WHOIS information private – If you own a domain, hide personal details from public databases: WHOIS
4. Adjust social media privacy settings – Regularly review and tighten privacy controls.
5. Create multiple email addresses – Use separate emails for different sites to reduce risk.
6. Be cautious with links and attachments – Avoid phishing attacks and malware like Doxware, which threatens to release personal data.
7. Use unique usernames and strong passwords – Avoid reusing credentials across sites; use complex passwords or passphrases.
8. Exercise your right to be forgotten – GDPR allows you to request deletion of personal data, videos, or photos online.

Enhance Your Cybersecurity Awareness

Protect yourself and your organisation by visiting MetaCompliance Automated Security Awareness Platform. Their comprehensive courses provide practical guidance on data protection, online privacy, and cybersecurity best practices to stay safe in today’s digital world.