Is Doxing Illegal?

In case you haven't heard of it, doxing is when a hacker seizes their victim's personal information and releases it onto the internet...


You may have heard of doxing or doxxing as sometimes it is called. An abbreviation for “Dropping Documents,” it presumes a malicious actor seizing someone’s personal information and releasing it onto the internet with the purpose of harassment.

Yes, it is a type of cyberattack and you should protect yourself from being “doxed.”

It is not something that happens to the naive folks only, all sorts of people become victims of doxing. So it is important to carefully think about what type of information you put up on the internet.

What data hackers need for doxing?

Generally speaking, hackers usually look for the following information for “doxing purposes”:

  • First name / last name
  • Email address
  • Phone number
  • Social media profiles
  • Address or location
  • Bank account or credit card information

With all that data on hand, hackers can do their “thing.” Which brings us to our question du jour

Is doxing illegal?

It’s a tricky one to answer as it all depends on the data that is released by the hacker.

It is undoubtedly unethical, but not necessarily illegal. For instance, if the hacker got the information from publicly available sources like social networks, he/she can hardly earn jail time for that.

However, if as a result of doxing the victim is harassed, humiliated or loses his/her job – the case could be made against the malicious actor and he/she could end up in jail. Or at least pay a hefty fine.

Additionally, the hacker could be prosecuted if the information that’s being leaked is not part of the public record and includes data such as a birth certificate, bank account details, and so on.

How to protect yourself from doxing?

There are no guarantees of any sorts that you (all of us really) won’t be doxed. We could, however, do some things:

  • Tweak social media privacy settings so that only our friends can see what we’re sharing.
  • Think before sharing. The general rule is that if you don’t want something to become public information, don’t share it.
  • Don’t add e-friends easily. Remember that there are malicious folks out there so think twice before clicking/tapping that “Add Friend” button. In most cases, the person you’re about to add to your network will be able to get more information about you.
  • Watch out for your inbox. Do not open attachments from people you don’t know. Doxing and phishing are two sides of the same coin.
  • Use strong passwords. A hacker could get ahold of your personal information by logging into various services you use. It is advised that you opt for two-factor authentication whenever possible.
  • Use an antivirus. It will protect you against trojans that could mine your computer for your passwords and personal information.
  • Use a VPN. Last but not least, get a VPN to protect yourself when using public Wi-Fi hotspots as well as to surf the web anonymously with an IP address that can’t be used to locate you.

Those are the general rules, but doxing could still happen. So the next question is…

What to do if you get doxed?

There are several things that could be done:

  • Change all passwords. Grab a good password manager if you still don’t have one, like LastPass, 1Password or NordPass.
  • Change privacy settings across social media networks.
  • Take screenshots and other proof that you’ve been doxed. Send it to anyone who could be able to help, including administrators of networks showing your (fake) profile, your ISP and even authorities if the situation is serious.
  • If your bank details have been compromised, call or send an email to your bank and explain the situation. Perhaps you’ll need a new account or even new credit cards. You don’t want someone who you haven’t authorized to use your money.
  • If things get really nasty and you start receiving emails from hackers – contact the law enforcement and explain to them what’s going on.
  • Finally, you may have to change your phone number, deactivate social media profiles and even change your email. Hopefully, you won’t have to do that, but who knows…

The point is – watch out what you’re doing on the Internet. Use a good anti-virus and a VPN. Those two give you the weapon to keep yourself protected online. Good luck!