Doxing (also spelled “doxxing”) means publicly exposing someone’s personal or identifying information online without their consent, usually to harass, threaten, or scare them.

What “doxing” actually is

  • It’s the intentional release of private details like real name, home or work address, phone number, workplace, usernames, or other data that can identify or locate a person.
  • The info is then posted or shared online (forums, social media, group chats, paste sites) so others can see or use it.
  • The goal is often to intimidate, punish, embarrass, or endanger the target, for example by encouraging harassment, unwanted calls, or even in‑person confrontations.

A simple way to think of it: doxing is turning online conflict into real‑life risk by exposing someone’s personal details.

How people get doxed

Attackers usually don’t “magically” hack everything; they combine pieces of data from many places. Common methods include:

  1. Public info digging
    • Searching social media profiles, old posts, blogs, photos, and comments for names, locations, schools, workplaces, or relatives.
 * Looking up public records (company registries, voter records, property records) where available.
  1. Data from leaks or hacking
    • Using passwords from past data breaches to get into email or other accounts, then mining messages or files for private info.
 * Phishing emails or fake login pages to trick someone into giving credentials.
  1. Technical lookups and “OSINT” tricks
    • Domain WHOIS lookups to see who owns a website if the registration isn’t privacy‑protected.
 * Correlating usernames across multiple platforms to slowly build a detailed profile.

An example:

Someone argues in a heated thread under a pseudonym. Another user checks their old posts, finds a mention of a small town, then a workplace photo with a logo, then a LinkedIn with the same username. They connect the dots, discover the person’s real name and address, and post that info in the thread to “teach them a lesson.”

That’s doxing.

Types of doxing you might see

Experts often distinguish a few patterns:

  • Deanonymizing doxing – Unmasking someone’s real‑world identity when they wanted to stay anonymous (e.g., revealing a whistleblower’s real name and employer).
  • Targeting doxing – Sharing info that allows people to contact, stalk, or break into accounts: addresses, phone numbers, emails, IPs, usernames, passwords.
  • Delegitimizing doxing – Publishing sensitive or embarrassing material (medical records, private messages, intimate photos) to damage someone’s reputation or relationships.

In online culture now, all of these usually get called “doxing” or “getting doxxed.”

Why doxing is a big deal

  • It can lead to serious harassment: threats, swatting attempts, mass call‑ins to someone’s work, or stalking.
  • It can put family members at risk if their address or contact info is exposed too.
  • It can harm jobs and reputation when employers or clients get dragged into an online pile‑on.
  • The psychological impact (fear, stress, not feeling safe at home) can be long‑lasting even if no physical harm occurs.

Legally, whether doxing is a crime depends on the country and on what exactly was done (e.g., threats, stalking, hacking, or using stolen data may be clearly illegal even if posting public records may not be).

Quick safety tips if you’re worried about doxing

If someone is just learning “what does doxing mean,” the next question is usually “how do I avoid it?” Basic precautions include:

  • Lock down privacy settings on social media; limit who can see your posts, friends list, and contact info.
  • Avoid posting your home address, specific daily routines, school or children’s locations, and easily linked personal details.
  • Use different usernames and strong, unique passwords on different sites, plus two‑factor authentication where possible.
  • Consider domain privacy if you own a website so your home or email address isn’t exposed via public registries.

If you think you’ve been doxed, many cybersecurity and safety agencies recommend: documenting the posts, reporting them to platforms, contacting your local authorities if you feel unsafe, and reaching out to your workplace or school if they’re mentioned.

Information gathered from public forums or data available on the internet and portrayed here.