Some of the recent doxxing victims (Getty Images/WireImage/FilmMagic)When news hit yesterday that more than a dozen celebrities and politicians had what appears to be their private banking and financial information posted online (Al Gore was the latest to be added to the list, midday Tuesday), many outlets immediately misreported what happened as a "hacking" incident. But in this case, no one was "hacked" -- rather, this has been a case of "doxxing" -- or, posting documents online that are usually hidden behind a firewall of an institution such as a bank's or lawyer's office. (there's been hardly any verification, however, that any of the recently posted info is actually accurate)
So, what is "doxxing" exactly? And what can public figures (or you!) do to protect yourself from it?
omg! spoke with Dave Aitel, the CEO of Immunity, Inc., a boutique tech security firm. Aitel is a former NSA security advisor and an expert in information security, whose company does penetration testing. In other words, he's somebody who can do what the bad guys do, but on the right side of the law.
Aitel broke down the differences between "hacking" and "doxxing." "Hacking would involve getting onto someone's computer and accessing their personal data, while doxxing is looking at someone's online persona and looking at someone's data," he explains. "It's the stripping away of their privacy. Doxxing using causes embarrassment, but not damage."
While this case has indeed been embarrassing to public figures, doxxing, in and of itself, is a rather tame crime. However, it's often the precursor to bigger cyber-crimes, namely, various forms of identity theft. The information made available from doxxing could enable more painful crimes to occur.
Aitel explains that, while this week’s incident is the most prominent example of doxxing he's ever seen to date, it's becoming more common. "People are trying to hide their identities more often," he says. "This is people saying, 'You're not as anonymous as you think.'"
Moreover, Aitel thinks the doxxers behind this case have a political agenda, which they have yet to reveal. "I can't think of a more political example than this," he shares. "They're using something that is a very effective means of protest that hasn't actually hurt anybody yet (even though it could still lead to hurtful actions). In that sense, it's not innocuous, but it's not as bad as some of the other (hacking examples) that we've seen. I think it will be interesting to see what their political message is … and I do think that they have one!"
Unfortunately, there isn't much that anyone can do to protect oneself from doxxing, because the info isn't coming from a victim’s own computer. However, Aitel points out that people should protect themselves by subscribing to online services that protect against potential identity theft.
It's also hard to tell who, exactly, is behind these attacks, unless the doxxers choose to reveal more about themselves. Some have reported that they're possibly Russian, but Aitel doesn't think that's accurate. "I don't know that I'd say that they are Russian or Soviet. I would say that it's tough to know. I get the sense that they speak reasonably good English. The only way you're gonna find out, is if somebody doxxes the doxxers – and the FBI is no doubt working quite hard on that right now."
Donald Trump, December 2012 (Getty Images)He also doesn't think that the perpetrators will get caught, unless they make a stupid move. "What they've done so far has raised a lot of attention, which was their aim," he explains. "If they continue doing it for years, then they might get caught. But if they are just doing this in the shorter term, they probably won't."
So, when might the site in question – and the accompanying documents – be taken offline? "I would say that they're not going to be able to take this off the Internet – the (nature of the) Internet doesn't allow that. This particular site is already being hit a little bit. So, it seems that law enforcement is already succeeding." In other words, this information, which includes what might be (then again, these could be fake!) Jay-Z's and Britney Spears' social security numbers, will never be private again.
One of the now 17 doxxed celebrities is Donald Trump, and "omg! Insider" spoke with him on Tuesday about getting hit. "Well, I just heard about the (doxxers) and frankly we'll see what happens to them," Trump said. "But they've got problems if they get caught … They'll be in big trouble when they get caught – and they will get caught at some point – and they will be in big trouble."
Sounds like if they worked for the Donald, they'd be fired by now.
UPDATE: Late Tuesday, credit reporting agency Equifax confirmed there was indeed a breach of their information security. A rep for the company issued the following statement: "We are aware of recent media reports pertaining to unauthorized access to files belonging to high-profile individuals. Equifax can confirm that fraudulent and unauthorized access to four consumer credit reports has occurred."
More Celebrity Features On Yahoo!:
- Taylor Swift Visits 10-Year-Old Cancer Patient
- Jennifer Aniston and Justin Theroux's Wedding Will Not Be in Hawaii
- Your Complete Guide to South By Southwest