In May 2025, 360 Privacy’s Technical Team uncovered two public-facing domains that exposed the personal and professional details of over 23,000 executives. The data exhibited a 97% schema match with a known B2B broker, while the content was fully synthesized using GPT-4o tooling. Through advanced digital forensics, including code artifacts, registry correlation, and behavioral telemetry, we identified the infrastructure’s attribution to a single actor. After corroborating the findings with multi-vector forensics, the team successfully executed takedown protocols within 24 hours, demonstrating a rapid response to this critical threat.
This incident highlights the emergence of generative tooling and broker data pipelines as low-barrier, high-impact tools for large-scale doxxing. What was once a high-cost, specialist endeavor has now become a repeatable threat that can scale quickly with minimal effort. The need for organizations to bolster their defenses has never been more urgent. Our technical brief outlines the investigative path, strategic implications, and the defensive posture required to stay ahead of this emerging threat.
Read the full technical brief here:
