SCOTUS judges 'doxxed' after overturning Roe v Wade
Physical and IP addresses as well as credit card info revealed in privacy breach
The US Supreme Court justices who overturned Roe v. Wade last month may have been doxxed – had their personal information including physical and IP addresses, and credit card info revealed – according to threat intel firm Cybersixgill.
As expected, the fallout from the controversial ruling, which reversed the court's 1973 decision that federally protected access to abortion, has been immense, creating deep ripples across the cybersphere where data privacy concerns abound.
In response, Democrat lawmakers have introduced bills to make it illegal for data brokers to sell sensitive location and health information about medical treatment, the Federal Trade Commission warned companies it will take legal action against businesses selling this type of personal data, and some tech giants such as Google have pledged to auto-delete location information that could be used to prosecute women seeking medical procedures in states where they are now illegal.
In a twist on using personal data for questionable purposes, it appears some hacktivists are taking matters into their own hands and seemingly leaked private information about five conservative Supremes: Justices Samuel Alito, Clarence Thomas, Neil Gorsuch, Brett Kavanaugh and Amy Coney Barrett, according to research published today by Cybersixgill's security research lead Dov Lerner.
Although Chief Justice John Roberts voted with the majority, the doxxers didn't expose his personal data.
Lerner, who told The Register he found the doxes on "various dark web forums," said the "most notable" dox happened on June 30, and alleges to include physical addresses, IP addresses, and credit card information, including CVV (which the doxers called "little funny 3 numbers on the back") and expiration date.
One of the perps claimed to post the justices' information because they "focus[ed] on something unnecessary rather than focusing on bigger issues in [A]merica."
In a separate forum post, a doxxer published what's said to be Alito's and Thomas' spouses names, birthdays, email addresses, phone numbers, social media accounts, and vehicle makes and models, judging from a screen shot.
The threat intel firm can't verify the data's authenticity. This comes after the judges' personal information was shared on TikTok by furious Gen Zers, and so it's likely these forum posts and videos are in some way linked.
- FTC suddenly gets very stern about not-really-anonymized anonymized data
- Big Tech silent on data privacy in post-Roe America
- FTC urged to probe Apple, Google for enabling 'intense system of surveillance'
- Now you can officially dox Scrabble players, thanks to the new dictionary definitions
Several other doxxes of the five justices also included similar information, we're told. Most of these were posted anonymously, but three were from named doxxers, once of which has been active since April 18 and targets other political and business figures, including Lauren Boebert, Peter Arrendondo, Susan Wabbajack, and Jamie Dimon, Lerner wrote.
And although much of the data shared is public — of course, credit cards and IP addresses don't fall into this bucket — the time and effort put into locating and aggregating this data is worrisome, Lerner said, noting that his security shop expects more of these "hacktivist attacks" as the US political climate becomes even more charged.
"On its own, outing the personal details of an individual and their families constitutes an intimidating invasion of privacy," Lerner noted. "At its worst, it invites others to act on the basis of the shared data and harass the doxed individuals in all sorts of cyber and physical forms." ®