Give an analyst your full name and the city you live in. Nothing else. Thirty minutes later, using only public sources, here is the kind of picture that comes back:
- your current home address, with a satellite image of the building
- most of the addresses you have lived at over the past twenty years
- current and old phone numbers and email addresses
- the names, and often the addresses, of your spouse, children, parents and siblings
- your employer, your role, and a career history going back further than you would reconstruct from memory
- which online services your email is registered with, and which breaches exposed it
- a decade of photographs pulled from social platforms
No hacking is involved. No illegal access, no dark-web tools. This is ordinary open-source intelligence — the same method journalists, background-check firms, due-diligence teams, and the occasional hostile stranger use every day. What follows is how an analyst gets there, phase by phase, so you can see how an ordinary name turns into a complete profile. For the version of this problem specific to senior professionals, see our Executive Digital Privacy hub.
Who looks? Background-check companies, prospective employers, due-diligence firms, journalists, estranged family, and anyone willing to pay about a dollar on a people-search site. The profile is the same regardless of who is reading it. Seeing that profile as an investor, board or recruiter would read it is a reputation diagnosis in its own right.
Phase 1: The Name Search (Minutes 0–5)
The first step is a basic search: "[Full Name]" "[City]". This surfaces immediately available information — news articles, LinkedIn profiles, company websites, court records that have been indexed, and people-search aggregators.
On average, this returns 15 to 40 distinct results for a typical professional. For executives, public figures, or anyone who has given interviews, attended publicly listed events, or appeared in regulatory filings, the number is considerably higher.
What surfaces in the first five results
For most professionals, the first page reveals:
- Current employer and role — often more current than LinkedIn, because of press releases and company directories
- Home city and sometimes neighbourhood — from event attendance, local news, or charity listings
- Physical description — from conference photos, headshots, and social media
- Professional history — going back 10 to 20 years, often more complete than the individual remembers
- Family connections — spouse names, children's school events, parent obituaries
Phase 2: People-Search Aggregators (Minutes 5–12)
People-search sites aggregate court records, property records, voter registrations, marketing data, and social media into single profiles. The familiar platforms — Spokeo, WhitePages, BeenVerified, Intelius, PeopleFinder, FastPeopleSearch — are only the visible tier; well over two hundred such sites operate in the United States alone, with national equivalents across Europe.
A single people-search lookup typically returns:
| Data Category | Typical Contents | Risk Level |
|---|---|---|
| Current address | Full street address, often with satellite image | Critical |
| Previous addresses | All addresses going back 10–30 years | High |
| Phone numbers | Mobile and landline, current and historical | High |
| Email addresses | Personal and professional, often multiple | High |
| Family members | Spouse, children, parents, siblings — with their addresses | Critical |
| Employment history | Employers, job titles, date ranges | Medium |
| Property ownership | Real estate holdings and purchase prices | High |
| Vehicle registrations | Make, model, year, plate in some jurisdictions | High |
| Court records | Civil litigation, traffic, evictions | Variable |
| Estimated income | Derived from area income and employment data | Medium |
The access problem: a single aggregated profile like this costs less than a coffee, and an unlimited subscription — any number of lookups on any number of people — runs $20 to $40 a month. There is no meaningful barrier between a curious stranger and the full record.
How much of this applies to you?
A digital footprint audit — the engagement we call the Mirror — maps exactly what is accessible about you across the broker and people-search surface, breach databases, and public records, verified by an analyst and delivered in 48 hours.
Phase 3: Social Media and Digital Footprint (Minutes 12–20)
Even "private" social-media profiles leak substantial information. Profile photos, images friends have tagged, event check-ins by other people, and platform-specific data — LinkedIn connections visible to all, public Facebook events, the accounts an X profile follows and likes — build a behavioural and social graph that is often more revealing than direct record lookups.
The metadata problem
Many people scrub the obvious personal details from social media but overlook metadata. Photos posted from home can carry GPS coordinates in their EXIF data before a platform strips it. Repeated check-ins — a gym, a school, a coffee shop — establish a daily pattern. Follow lists and group memberships reveal political, religious, and ideological affiliations.
LinkedIn as an OSINT source
LinkedIn is the single most information-dense public source for professional individuals. A complete profile reveals current and historical employment with dates, educational history, professional connections (who knows whom), geographic mobility, skills and endorsements, publications, and conference appearances — all in a structured, easily parsed format. Even a "private" profile reveals name, current title, and location to any logged-in user.
Phase 4: Breach Data and Credential History (Minutes 20–30)
This is where the picture sharpens. Breach-compilation databases — aggregations of credentials and personal data drawn from thousands of historical breaches — are widely available and actively maintained.
A basic breach lookup on a professional email address typically returns:
- which services the email was registered with (revealing interests, habits, and financial relationships)
- password hashes (crackable for weak passwords used years ago)
- security questions and answers
- historical IP addresses (placing home and work locations at specific dates)
- phone numbers used for two-factor authentication
- date of birth and partial payment-card details from e-commerce breaches
An email address is no longer just a contact method. It is a primary key linking an entire digital identity — and that key has almost certainly been exposed at least once.
What "I haven't been breached" usually means
When a breach check returns nothing, it generally means one of three things: the person uses several email addresses (fragmented exposure rather than none), the breaches holding their data have not yet been indexed by public services, or they genuinely have a minimal online presence. The third case is rare for anyone who has used online services for more than a decade.
Phase 5: Property and Public Records (Minutes 20–30, concurrent)
In the United States, most property transactions are public record. County assessor databases — almost all now online and searchable — reveal ownership, purchase price, mortgage value, assessed value, and often the precise lot boundaries. In much of Europe the equivalents are the land registry, the electoral roll, and the company register: the UK's Companies House, the Dutch KvK, and their counterparts publish directors' details by default, and most are free to search.
For business owners, company-registration databases, regulatory filings, and security-interest registers reveal corporate structure, holdings, and financial obligations. These are all public documents.
What the complete profile looks like at 30 minutes
After half an hour of open-source research on a typical professional, an analyst has:
- full name, current home address, and satellite imagery of the property
- previous addresses going back decades
- current and historical phone numbers and email addresses
- names and addresses of immediate family members
- a full professional history with employer names, roles, and dates
- vehicle registrations in jurisdictions that permit public access
- property holdings and net-worth signals
- daily-routine signals from social media — gym times, commute patterns, school runs
- political and religious affiliations from public records and social follows
- a breach history showing which services were used and what data was exposed
- a photo archive spanning ten or more years across various platforms
The thirty-minute mark is an artificial stopping point, not a ceiling. With hours or days, an analyst adds court records, business filings, domain registrations, forum activity, and archived versions of deleted pages, cross-referencing all of it. The profile gets more detailed and more accurate over time, not less.
The executive exposure problem
High-profile individuals carry compounded exposure. C-suite executives appear in regulatory filings (proxy statements list compensation, and sometimes a home address and stock holdings). Board members appear in corporate records. The equity stakes of public-company officers are disclosed on a schedule. Larger charitable donations surface in public filings. Speaking fees, book deals, and broadcast appearances are reported by media outlets and archived indefinitely.
The paradox is that professional success — the accumulation of public-facing achievements — increases exposure in step with it. The more prominent a person becomes, the richer the profile an analyst can assemble.
What you can actually do about it
Not all of this exposure can be removed, but the surface can be reduced substantially through a combination of data-broker opt-outs, statutory deletion requests, and ongoing monitoring. The work is sustained rather than one-off — records repopulate from source feeds — and no removal is ever complete. The most rigorous independent test of the removal industry, Consumer Reports in 2024, measured manual people-search opt-outs at around 70 per cent over four months, ahead of every paid automated service; the honest figure is "most, not all." We cover that evidence in do data broker removal services actually work.
The interventions that matter most, in order of impact:
- Data-broker and people-search removal across the major sites, which is what shrinks the aggregated profile. See the direct opt-out guide.
- Breach credential rotation — changing passwords exposed in historical breaches removes the value of cracked credentials and disconnects old accounts from your current identity.
- Social-media hygiene — tightening privacy settings, stripping location data, and auditing tagged content reduces the behavioural intelligence available from public sources.
- Public-record management — in some jurisdictions you can request address suppression from electoral and property records; specialist legal advice helps.
- Ongoing monitoring — the exposure does not end after a cleanup, so watching broker sites, breach databases, and newly indexed content keeps the picture current.
Every one of those steps depends on first knowing what is actually out there. That is the point of the audit: before you can reduce your exposure, you have to see it the way someone searching you would. A digital footprint audit assembles exactly the profile described above — but about you, verified by an analyst — so the cleanup that follows is aimed at real findings rather than guesses. If you would rather start smaller, a free Snapshot Scan gives you a first look at what a search on your own details returns.