Logo for Middlebury Middlebury Middlebury

Information Technology Services

VT and CA Helpdesk Hours. Create a Ticket, call (802) 443-2200, (831) 647-6656, or email helpdesk@middlebury.edu

Doxing

What is Doxing?

When someone is the victim of doxing (also spelled doxxing), their personal information has been released to the public without their consent. Usually, this is done with malicious intent. The information is typically posted in a public venue (website, social media, other internet-based channels) making the victim susceptible to harassment, identity theft, or other real-life threats. 

Recovering From Doxing

If you have been the victim of doxing, consider the following suggestions to help recover from the event. Please note that these are posted as resources only and have not been formally adopted by Middlebury as policy.

Document Everything

Save evidence of your personal information being exposed online. This could mean taking screenshots, downloading webpages or documents, or saving forum posts. Try to preserve any proof that your information has been leaked online. If the posts have date/time information, try to capture that as well. Anything that could assist authorities should be considered.

Remove the Exposed Information

Contact the various websites or platforms where your information has been exposed. Most will have policies on releasing private information or for harassment. Cite these policies and request that your information be removed. If you are unable to remove the information, consider changing things like phone numbers or email addresses. 

Increase your Personal Security

Change your account passwords, especially if those accounts are responsible for financial or medical information. Enable two-factor authentication if available. Consider adjusting your privacy setting on social media accounts.

Report the Incident

Report any threats or harassment to appropriate authorities. Provide them with any documentation that you have. If your social security or financial information was exposed, contact your financial institutions and credit bureaus to prevent identity theft or fraud. 

Monitor your Online Presence

You may also want to take steps to monitor your online presence using tools like Google Alerts. You can set up an alert for your name or for other personal information so you are notified when they are mentioned. These tools aren’t 100% effective, as they only have access to publicly available platforms, but they could help. Consistently searching for your information in search engines may also be helpful in identifying obvious locations where your info has been posted. 

Protecting Yourself From Future Doxing Attacks

Limit the Amount of Personal Information Online

Be aware of personal information you are sharing. Small details can be pieced together over time to create a completely identifying profile. Review and adjust your privacy settings on a regular basis. Websites such as Facebook and Google receive and store an incredible amount of personal information about their users; anything from browsing habits to pinpointed geo locations. Review the privacy settings of the sites that you visit the most, and make sure that you’re comfortable with the amount of information being shared. 

Avoid using Personally Identifiable Information (PII) 

Never share personally identifying information. If you have posted your address, phone number, or other information that could be used to identify you, take that information down. Consider using a pseudonym or alias when creating usernames that are displayed publicly. Use multiple usernames. This practice will make it much more difficult for people to track your movements across multiple sites. 

Secure Your Accounts

Make sure that you are using strong, unique passwords for all of your accounts. Enable two-factor authentication if it is available. Never share your login credentials over email or message apps as phishing is a common doxing practice. If you have old accounts that you are no longer using (remember that 10 year old MySpace account) try to delete it. If you own domain names, make sure the registration details are private or else they could share information such as your mailing address.

The Best Defense is Common Sense 

While we should all take the potential threat of private information being disclosed quite seriously, common sense online privacy measures can go a long way towards empowering and protecting ourselves online. The key is being proactive and building good habits.

Need help with technology at Middlebury?

Submit a Ticket

Information Technology Services

Davis Family Library 202
Middlebury, VT 05753