Digital Media Concepts/Doxing

What is Doxing? edit

Doxing is the act of obtaining personal information on those who wish to remain anonymous and using that information to their advantage. The intent behind doxing is usually to shame or embarrass the anonymous target but it can also have the intent of wanting to know more about or to gain recognition for having obtain information on more famous anonymous individuals.

Beginning around the 1990s, doxing has increased in cases and severity in the mid-2000s due to the evolution of the internet. Derived from the abbreviation of documents ("doc") to invoke the same meaning of having a file with information, doxing started out as a term for hackers to expose other hackers of their misdeeds and alert the authorities. In the 2000s, this practice evolved to target a larger range of victims, ranging from everyday people to even celebrities, and is much easier thanks to information made available on social media and online forums.[1]

How does it work? edit

Doxing starts with obtaining personal information in any form. Everyday social media posts, pictures, and relations can be clues for someone to figure out an individual's identity. Hacking is a more illegal and invasive method in order to gain more private personal information. Stalking friends and family both physically and online is also an intrusive way to gather information.

With the information in hand, any action within the realm of harming the target is possible as it can be used to threaten, shame, hurt, intimidate, and blackmail. In some instances, deliveries have been ordered by the perpetrator to the victim's address to be paid in cash.[2] While not harmful, it serves as an intimidation tactic to allow the victim to be coerced into doing what the perpetrator wants them to do.

What are the implications? edit

For the victims edit

As a mix between hacking and cyberbullying, victims suffer the obvious consequences of having their lives ruined such as loss of their job, family, and even home. In this way, the victim can suffer financially and have their reputation ruined.[3] Public shaming can also happen where the victim would have to respond by changing their identity and go into hiding if allowed by the government.


Cases of swatting can also occur where the perpetrator alerts the authorities posing as a victim or issuing a threat and leads a trail to the victim based on the acquired information.[4] This can lead to dangerous and life-threatening scenarios that can lead to the death of the victim.

For the perpetrator edit

Although doxing itself is unethical, the way information is obtain determines if it is legal or not.[5] Information made readily to the public such as public records is not considered illegal when used against the victim, however information obtained pertaining checking accounts, credit card information, and birth certificates is considered illegal as it is not readily available to the public. Perpetrators mainly suffer implications after doxing due to consequences that may follow after. Arrests have been made for results after swatting based on doxed information and theft charges for stealing private information.[6]

Examples edit

Examples of doxing can range from the type of person being doxed and the intent behind doxing in the first place. Most cases such as with Leonhardt and Herring are the worst case scenarios when death is part of the end result. However, some cases such as with Cosko ended on a calmer note with the victims not being affected as much.

Jessica Leonhardt, 2010 edit

At 11-years-old, Jessica Leonhardt of Florida was accused of having sex with a member of the band, Blood on the Dancefloor. Due to her address and phone number being revealed to the public after being doxed, Leonhardt was harassed both online and in person. Although her father did his best to defend his daughter, he ended up dying due to a stress-induced heart attack and Leonhardt was admitted to a mental institution.[7]

Andrew Finch, 2017 edit

In 2017, Tyler Barriss, Casey Viner, and Shane Gaskill were playing a video game when Viner told Barriss to swat Gaskill. Gaskill responded by providing his previous address and urged Barriss to do it. Barriss told the authorities that he killed his father and had the rest of his family hostage. Andrew Finch and his family was living at Gaskill's previous address when he was called outside by the police and was subsequently shot by an officer while outside. Barriss was sentenced to 20 years in prison for involuntary manslaughter.[8]

Jackson A. Cosko, 2018 edit

In Washington D.C. on October 2018, Jackson A. Cosko was arrested for doxing and releasing restricted personal information of multiple U.S. senators to the public. Coska stated he wanted revenge after being fired as a system administrator.[9]

Portland Police, 2020 edit

Amid the murder of George Floyd, Portland police officers were overseeing the 55 days of racial justice protests that were going around the city. Despite efforts to keep the names of the police anonymous, 38 police officers were doxed. Although what was released was not made clear for the public, addresses and phone numbers were suspected to have been released.[10]

Mark Herring, 2020 edit

In April 2020, Mark Herring, 60, was swatted for a valuable twitter handle Shane Sonderman, 20, wanted and to sell. Sonderman had acquired Herring's address and told a co-conspirator in the UK to make calls in order to intimidate Herring over handing out his handle out of fear. Herring died of a heart attack at the sight of the police and Sonderman was sentenced to 5 years in prison.[11]

How to protect yourself? edit

A common tactic to protect yourself from being doxed to refrain from providing personal information online. Most websites suggest using passwords that are hard to guess or ask if it is alright to keep your information on their platform.


Another way to protect yourself online is to use encryptions or VPNs to avoid being traced by hackers on the internet. This way, sensitive information you may be passing through networks will be encrypted so that hackers will be unable to obtain your information.[12]

In the event that doxing does happen, legal protections via U.S. code 2261A and 119, which are laws against stalking and protections against making restricted personal information public, can help protect yourself. Some states even have their own laws where doxing is listed with cyber-stalking and harassments where you can then file for a complaint or a civil suit.[13]

References edit

1. Cramer, M. (2021, July 24). A Grandfather Died in ‘Swatting’ Over His Twitter Handle, Officials Say. New York Times. Retrieved October 12, 2021

2. Leiker, A.R. (2019, March 29). Tyler Barriss gets 20 years federal prison, DA to dismiss manslaughter case. The Wichita Eagle. Retrieved October 12, 2021

3. Mehta, M. (2020, March 26). What Is Doxxing? 5 Examples of Doxxing and How to Prevent It. Infosec Insights. Retrieved October 11, 2021

4. Rafter, D. (2021, May 21). What is Doxing. Norton. Retrieved October 10, 2021

5. Tully-McManus, K. (2019, April 5). Senate doxxing suspect pleads guilty, faces over 2 years in prison. Roll Call. Retrieved October 12, 2021

6. Villarreal, D. (2020, July 21). 38 Police Officers Have Been Doxxed During Protests in Portland, DHS Says. Newsweek. Retrieved October 12, 2021