Executive & family privacy briefings
25 briefings
Executives face a threat model that sits outside the scope of most corporate security programmes: personal targeting, enabled by open-source data that any adversary can access without authentication. The briefings in this collection address that model directly.
The records that create the exposure are held by data brokers, people-search platforms, company registries, and breach corpora. They include home addresses, family member names, personal phone numbers, and credential fragments — assembled from public sources without the subject's knowledge or consent, and queryable by anyone prepared to spend an afternoon on it. When those records reach a threat actor targeting a senior figure, they enable physical surveillance, social engineering, credential-based account compromise, and doxing campaigns.
These briefings cover the four executive threat types and how each operates, the country-specific removal mechanics for the broker systems that create the exposure, the infostealer economy that circulates personal credentials, and the protective disciplines — OPSEC hardening, broker erasure, active monitoring — that reduce the surface. The research is primary-source and practitioner-level; it assumes a reader who wants to understand the mechanism, not a summary of industry guidance.
Executive Privacy
The Structural Doxing Problem: European Executives Face Harder Exposure Than Their US Peers
From Rotterdam to Glasgow, activist campaigns are targeting corporate offices across Europe through supply-chain research. In September 2025, that escalation reached executives' personal residences in the UK. Here is what the research chain looks like — and what you can do about it.
ANALYSIS: When Privacy Becomes a Price Tag: The Three-Tier Problem in Europe’s Data Market Debate
A Bruegel working paper proposes regulated data markets as Europe’s fix for the consent impasse. On examination, the three-tier model makes full privacy available only to those who can pay for it.
ANALYSIS: EU Facial Recognition: Loud Regulation, Quiet Enforcement
The EU has the strictest facial-recognition rules in any major jurisdiction. It also has Clearview AI, fined more than €110 million across five member states, paying nothing, still indexing EU residents’ faces. The gap between regulation and enforcement is the story.
GUIDE: What Traces Do You Leave Online: The Silent Data Trail
Your visible online presence is only the surface. Below it sit contact graphs built by others, location broker pipelines, insurance registers, archive snapshots, and an AI assistant layer that logs and may train on everything you type.
METHOD: How a Mirror Investigation Runs
What actually happens in 48 hours of a Mirror investigation: the four sequential stages a finding moves through before it appears in the report.
GUIDE: Is Doxxing Illegal? How EU, UK and US Law Treat It in 2026
How doxxing is treated under Dutch, German, French, UK and US law in 2026: dedicated criminal statutes, GDPR overlay, federal-and-state patchwork, and what victims can do.
ANALYSIS: The Identity Pack: How Breaches Without Credentials Fuel Executive Targeting
When a breach notification says no credentials were exposed, the data that was exposed is often exactly what executive targeting is built from.
ANALYSIS: The Reconnaissance Phase: Why Whaling Attacks Start With Your Data Broker Listings
BEC and whaling attacks rely on personal data gathered during the reconnaissance phase. Removing that data from brokers and breach databases disrupts the attack before it begins.
ANALYSIS: Agentic AI Is Building Executive Profiles. Here’s What Feeds Them.
AI search engines build executive profiles by connecting data across brokers, breach databases, and public registries in real time.
GUIDE: Deepfake Detection: A Practical Guide for Executives and Their Teams
How deepfake fraud works, why detection alone is failing, and the verification protocols that actually prevent losses.
METHOD: OSINT Research vs Stalkerware: Where Investigation Ends and Surveillance Begins
The FOUR rubric used by law enforcement — Fixated, Obsessive, Unwanted, Repeated — applied to the line between legitimate OSINT research and stalkerware surveillance, from both the investigator's and target's perspective.
GUIDE: How Executives Get Doxxed — and What Europe Is Doing About It
From the CEO Database to the Netherlands' first doxxing arrest, executive targeting has become organised. Here is where the data comes from, what the law now says, and what you can do about it.
GUIDE: What Is a Digital Footprint — and How Attackers Use Yours
Your digital footprint is the sum of all data that can be linked back to you online. Here is what it contains — and how attackers exploit each piece.
GUIDE: If You Were in the Odido Breach — What to Do Now
The Odido dataset is public. If you were a customer — even a decade ago — your data is likely in it. This is what the exposure enables, and what closes it.
METHOD: The Mosaic Effect: How Harmless Data Combines Into a Complete Profile
Your employer is public. Your general location is public. Your gym, your commute pattern, your lunch spot — all public. None of it is sensitive on its own. But combine them, and something qualitatively different emerges.
ANALYSIS: What Cryptocurrency Transactions Reveal About You — Without You Knowing
Bitcoin transactions do not contain your name — but pseudonymous is not anonymous. The moment a wallet address links to your identity, that link is permanent and retroactive. Covers KYC breach risk, blockchain tracing methodology, Monero's reputational problem, and the Bitfinex and Colonial Pipeline cases.
ANALYSIS: If Dutch Ministers Could Not Stay Out of the Odido Dataset, You Probably Didn't Either
Four ministers. A senior intelligence officer. Three individuals under active government protection. The Odido breach did not distinguish between ordinary customers and people who thought they were managing their exposure. What each data field enables — and why the window for acting is narrowing.
GUIDE: The Accounts You Forgot About Are the Ones That Expose You Most
Most people think about their current online presence. They overlook the usernames, photos, emails, and forum posts from a decade ago — and that is exactly what attackers are looking at.
ANALYSIS: Your Digital Profile Already Exists. You Just Have Not Seen It.
Before anyone searches for you, your profile is already assembled. Three freely available layers — social media, data brokers, and breach data — combine into something far more complete than most people realise.
ANALYSIS: The OSINT Ethics Spectrum: When Does a Tool Become a Weapon?
Sherlock, GHunt, SpiderFoot, Recon-ng, Maltego — the same tools used in legitimate investigations are used in stalking and doxxing. A feature-by-feature ethics map of the most popular OSINT platforms.
GUIDE: Punch the Monkey: OSINT and the Battle of Narratives
A baby spider monkey, three conflicting headlines — and a masterclass in how the same footage can be spun into entirely different stories. Here is how OSINT methodology cuts through viral fiction to find what is actually true.
INTEL: What Investigators See When They Search You: A 2026 OSINT Breakdown
A step-by-step walkthrough of how OSINT analysts build a complete profile on any individual using only public sources in 2026 — and what you can do about it.
INTEL: Why Using AI for OSINT Leaves a Trail — And What to Do Instead
Using ChatGPT or Perplexity for OSINT research leaves an auditable trace that compromises operational security. Why automation with manual interpretation is the correct methodology.
INTEL: How Criminals Bypass KYC Checks Using Your Leaked Data
KYC identity verification was designed to stop fraud. Here's how criminals use your leaked data to defeat it — and what that means for your exposure.
INTEL: Schrödinger's Intel: The Zero-Trust Approach to OSINT
Until verified, everything is both real and fake. Learn how to apply Zero-Trust principles to validate intelligence in an age of AI-generated deepfakes and synthetic content.
If you want to know what a search like this returns about you, a Snapshot Scan tells you in 48 hours.