Personal Information Becomes a Weapon: Consequences of Data Broker Exposure

The Minnesota Political Assassination Plot: A Chilling Case Study

On June 14, 2025, Minnesota witnessed one of the most disturbing examples of how personal information sold by data brokers can become a tool for deadly violence. Vance Boelter, a 57-year-old security professional, systematically used data broker websites to stalk and assassinate elected officials, killing Democratic State Rep. Melissa Hortman and her husband Mark, while critically wounding State Sen. John Hoffman and his wife Yvette.

The investigation revealed the disturbing scope of Boelter's planning. Federal authorities discovered notebooks in his vehicle containing the names of 45 Minnesota state and federal officials—all Democrats—along with detailed personal information including home addresses, family details, and tactical surveillance notes. But perhaps most chilling was his methodical use of 11 different people-search websites to gather this intelligence.

According to court documents, Boelter's notebook contained a literal shopping list of data brokers, including TruePeopleSearch, Spokeo, Pipl, PeopleFinders, BeenVerified, Whitepages, TruthFinder, Intelius, Ownerly, USSearch, and PeopleLooker. These bargain-bin services, costing as little as $0.95 to $5 per search, provided him with everything needed to locate, surveil, and ultimately attack his victims.

Acting U.S. Attorney Joseph Thompson described how "Boelter planned his attack carefully... He researched his victims and their families. He used the internet and other tools to find their addresses and names, and the names of their family members". The suspect's preparation included mapping routes to victims' homes using GPS, studying their properties, and creating detailed notes such as "big house off golf course, two ways in to watch from one spot".

The Judge Salas Attack: Another Tragic Example

The Minnesota case tragically echoes the 2020 attack on federal Judge Esther Salas, which led to the death of her 20-year-old son Daniel and critically wounded her husband. The attacker, lawyer Roy Den Hollander, had created an extensive dossier on Salas using information easily purchased online.

The FBI investigation revealed that Hollander had been stalking the Salas family for months, with detailed notes about routes the judge took to work, her son's school, and where the family attended church. Judge Salas later testified that "judges' addresses could be purchased online for just a few dollars, including photos". This attack directly led to the passage of Daniel's Law in New Jersey and similar federal legislation designed to protect judges' personal information from data brokers.

The Growing Threat Landscape

These high-profile cases represent just the tip of the iceberg. Violence against public officials and their families is on the rise, with threats against federal judges increasing 400% in the last five years, totaling more than 4,200 threats in 2020 alone. Recent incidents include the murders of New Jersey Councilwoman Eunice Dwumfour in February 2023 and Maryland Judge Andrew Wilkinson in October 2023.

Law enforcement officials are increasingly finding themselves targeted through data broker information. A class-action lawsuit in New Jersey revealed how corrections officers and police have been threatened by criminals who used data brokers to access their personal information. One corrections officer discovered that an inmate who had threatened them possessed a note with their home address, obtained through these services.

How Data Brokers Enable Stalking and Violence

Data brokers aggregate information from public records, social media, commercial databases, and other sources to create comprehensive profiles that can include names, addresses, phone numbers, birth dates, family connections, property ownership, income estimates, and social media handles. These profiles are then sold to anyone willing to pay, with no meaningful background checks or verification of legitimate use.

The Consumer Financial Protection Bureau has highlighted how "data brokers explicitly advertise lists targeting decision makers at government organizations primarily engaged in national security" and allow buyers to combine categories to identify vulnerable targets. Duke University researchers demonstrated how easy it is to purchase financial information about active-duty servicemembers, including income, net worth, and credit ratings.

Abuse survivors face particular dangers from this industry. As advocacy groups note, "When a home address or phone number is a click away, it's far too easy for abusers to use it to stalk, threaten, or harass survivors". There are over 500 data brokers operating in the United States, each with different opt-out procedures, making it nearly impossible for individuals to protect themselves without professional help.

The Executive Protection Response

The threat posed by data brokers has made personal information removal a critical component of executive protection programs. Security professionals now recognize that "anyone, including cybercriminals, activists, and stalkers, can purchase an executive's personal information on a data broker or use people search sites to find their home address, private phone numbers, email accounts, and names of relatives".

Executive protection firms emphasize that "an attacker looking to dox or scam an executive will often start by pulling their target information from data broker websites". This has led to the development of digital executive protection services that continuously monitor and remove personal information from data broker sites, as the information often reappears when databases are updated.

June 2025: A Month of Massive Data Breaches

The Minnesota assassination plot occurred during a month that saw some of the largest data breaches in history, further highlighting the vulnerability of personal information. The most significant was the exposure of 16 billion login credentials across over 30 separate datasets, affecting major platforms including Facebook, Google, Apple, GitHub, and Telegram.

Other major breaches in June included a 6.5 million password leak from LinkedIn and the discovery of a database containing over 4 billion personal records including names, addresses, phone numbers, and partial credit card data. These incidents demonstrate the scale of personal information circulating in criminal networks, often originating from legitimate data broker operations.

The TeleMessage breach exposed encrypted communications from US government officials, while the United Natural Foods cyberattack disrupted food distribution to major retailers. Each of these incidents adds to the vast pool of personal information available to threat actors seeking to target individuals.

The Urgent Need for Reform

The deadly consequences in Minnesota underscore the urgent need for comprehensive data broker regulation. Current protections are patchwork at best, with only six states having passed laws to protect public officials' personal information, and these laws don't protect all vulnerable populations.

The DELETE Act, moving slowly through Congress, would provide federal protections similar to California's law, giving all Americans the right to demand that data brokers stop collecting and selling their data. However, the legislation faces significant industry opposition despite being endorsed by dozens of civil and human rights organizations.

As the Minnesota case demonstrates, the intersection of readily available personal data and political violence represents a clear and present danger to democratic institutions. When anyone can purchase detailed personal information about elected officials for less than the cost of a coffee, we create an environment where political violence becomes tragically easy to execute.

The time for meaningful reform is now, before more families suffer the devastating consequences of an industry that profits from making everyone a potential target.

Explore more from Our Team

Browse more posts written by our team to help you stay in control.