Report it. Report the attack to the platforms on which your personal information has been posted. Search the relevant platform's terms of service or community guidelines to determine their reporting process for this type of attack and follow it. While filling a form out once, save it for the future (so you do not have to repeat yourself). This is the first step to stop the spread of your personal information.
Involve law enforcement. If a doxer makes personal threats against you, contact your local police department. Any information pointing to your home address or financial information should be treated as a top priority, especially if there are credible threats attached.
Document it. Take screenshots or download pages on which your information has been posted. Try to ensure that the date and URL are visible. This evidence is essential for your own reference and can help law enforcement or other agencies involved.
Protect your financial accounts. If doxers have published your bank account or credit card numbers, report this immediately to your financial institutions(s). Your credit card provider will likely cancel your card and send you a new one. You will also need to change the passwords for your online bank and credit card accounts.
Lock down your accounts. Change your passwords, use a password manager, enable multi-factor authentication where possible, and strengthen your privacy settings on every account you use.
Enlist a friend or family member for support. Doxing can be emotionally taxing. Ask someone you trust to help you navigate the issue, so you don't have to deal with it alone.
Most of the time, celebrities get hacked the same way anyone else does. They use weak passwords, fall for social engineering tricks, or suffer from data leaks when larger organizations holding their data are breached. Here’s a closer look at the most common techniques hackers use to hack the stars — techniques we can all fall victim to if we’re not careful.
Social engineering: Social engineering attacks manipulate victims into disclosing sensitive personal information or access to confidential assets. Many hackers will scour a victim’s social media profiles for data they can leverage in an attack.
Phishing: Phishing attacks use fraudulent emails, text messages, and other communications to deceive victims into disclosing sensitive information.
Data breaches: By breaching the data vaults of large organizations, hackers can capture usernames, passwords, and all sorts of other valuable personal data. After a data breach, the stolen data is often made available on the dark web, where others can buy it to commit identity theft and fraud.
Ransomware: One of today’s most dangerous and fastest-growing online threats, ransomware infects your device, hijacks your data, encrypts it, then holds it hostage while demanding a ransom payment. Many victims choose to pay the ransom, which drives up ransom rates while incentivizing the development of more sophisticated ransomware attacks.
Password cracking: Even celebrities sometimes get lazy with their passwords. After a 2012 LinkedIn breach, Facebook CEO Mark Zuckerberg was caught reusing his passwords, as hackers were able to access several more of his accounts using the same password. Other hackers have successfully guessed or cracked the passwords of their victims, often by using personal information obtained via phishing.
