Browse Definitions:
Definition

doxing

Contributor(s): Ivy Wigmore

Doxing is the act of gathering information about a target individual or organization and making it public. The term is hacker-speak for documenting. As a rule, the data gathered is sensitive information that the target doesn’t want broadly known, for any of a number of reasons including customer privacy, compliance requirements and reputation management. The information may be gathered from publicly-available sources, through social engineering or through a hacking exploit.

Doxing is sometimes used for a type of extortion in which an attacker accesses the target’s sensitive data and threatens to make it public unless demands – usually for money – are met. Malware known as doxware or extortionware is often used to facilitate the exploit. Doxing is also sometimes used for legitimate purposes, such as aiding law enforcement. Other motives include cyberbullying, industrial espionage and harrassment, as well as the gray area of social and political activism.

The word doxing entered the broader public domain in 2011, when the hacktivist group Anonymous released information about 1500 users of child pornography sites. That same year, Anonymous published information about 7,000 law enforcement personnel in retaliation for investigations into the group’s hacking activities.

This was last updated in January 2017

Continue Reading About doxing

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if ...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity

  • principle of least privilege (POLP)

    The principle of least privilege (POLP), an important concept in computer security, is the practice of limiting access rights for...

  • identity management (ID management)

    Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or ...

  • zero-day (computer)

    A zero-day vulnerability, also known as a computer zero day, is a flaw in software, hardware or firmware that is unknown to the ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

SearchStorage

SearchSolidStateStorage

  • hybrid hard disk drive (HDD)

    A hybrid hard disk drive is an electromechanical spinning hard disk that contains some amount of NAND Flash memory.

Close