The 15 Most Infamous Streamer/Influencer Doxxings

The 15 Most Infamous Streamer/Influencer Doxxings

Redacto
7 min read

Categories: Cybersecurity, Data, Data Privacy, Data Safety, Digital Footprint, Social Media

Doxxing turned into a distinct and dangerous tool in online culture because creators often publish a lot of personal information to build a fanbase. That public footprint makes it easier for bad actors to locate and weaponize phone numbers, addresses, or private images. When an influencer is doxxed the result can be persistent harassment, swatting, lost income, legal battles, and long-term reputational damage.

Doxxing directed at creators also often spreads through fandoms, rival fandoms, and message boards that amplify a single post into a sustained campaign. Platforms have at times reacted slowly or inconsistently, leaving targets to pursue law enforcement or private security. Because many creators rely on ad revenue, sponsorships, and direct community support, the personal consequences can quickly become financial as well as emotional.

This article highlights 15 noteworthy doxxing incidents or campaigns that targeted creators, streamers, or influencers. Each entry summarizes what happened, why it mattered, and the broader takeaway for creators and platforms.

Top 15 Worst Influencer/Streamer Doxxings (so far)

  1. Clara “Keffals” Sorrenti (Twitch) – August 2022: Personal details were posted online, leading to repeated swattings and forced relocation during the #DropKiwiFarms campaign.
  2. jacksfilms (YouTube) – October 2023: A feud escalated when SSSniperWolf exposed Jacksfilms home location on social media, prompting platform penalties and safety concerns.
  3. Zoë Quinn (game dev/creator) – August 2014: Address and other personal information were published during the early Gamergate period, triggering sustained harassment and safety risks.
  4. Anita Sarkeesian (media critic/YouTuber) – August 2014: Personal information circulated alongside threats; the doxxing culminated in heightened security and event cancellations in October 2014.
  5. Brianna Wu (developer/creator) – October 2014: Home address was posted and amplified with violent threats, forcing temporary evacuation and police involvement.
  6. Ice Poseidon (Kick/YouTube) – May 2016: After address exposure, a false threat tied to the doxxing led to removal from a commercial flight and intensified harassment.
  7. IShowSpeed (YouTube) – August 2022: Address information surfaced and he was swatted live on stream, resulting in on-camera police response.
  8. Adin Ross (Twitch/YouTube) – November 2022: Dozens of calls targeted his disclosed location during a live broadcast, resulting in repeated swatting incidents.
  9. Amouranth (Twitch) – September 2022: Location and contact details leaked online preceded multiple swattings and stalking episodes.
  10. xQc (Twitch) – 2020–2021: Multiple doxxing events exposed locations tied to his streams, leading to several relocations and safety measures.
  11. QTCinderella (Twitch/YouTube) – 2020: Home details were circulated online; subsequent harassment included swatting and prolonged safety concerns.
  12. Valkyrae (Twitch/YouTube) – 2023: Location information tied to an IRL stream was posted and amplified, leading to an in-person stalker confrontation and increased security.
  13. Nadia Amine (Twitch) – August 2022: Doxxing in the same time frame as other streamers triggered a swatting incident during broadcasts.
  14. Dream (Minecraft creator) – December 2021: Personal information and photos were distributed by doxxers while he was still pseudonymous, sparking large-scale harassment.
  15. Belle Delphine (creator) – 2019: Account and personal details were exposed online, generating targeted harassment and safety issues.

Technical Methods and Defensive Measures

How doxxers find personal information (high level)

Doxxing is usually not magic. Attackers combine publicly available data with leaked or purchased data and human tricks to connect a person’s real identity to their online persona. Three broad techniques show up again and again.

OSINT Aggregation

Open source intelligence or OSINT means collecting information from publicly accessible sources and combining it to create a fuller picture. That includes social profiles, forum posts, archived pages, image metadata, public comments, and product reviews. Individually these items may look harmless. Together they can reveal addresses, family names, workplaces, travel patterns, and other private details.

Leaked and Purchased Data

Large data breaches and public leaks keep appearing. When breach data circulates it can contain email addresses, phone numbers, and in some cases partial identity documents. Attackers use these breaches or commercial data broker dumps to match records to an online identity.

Social Engineering and Cross-Platform Correlation

Social engineering is about manipulating people or support systems to reveal information. Attackers also correlate fragments across platforms. For example, a username used on a small forum might be tied to a real name on a crowdfunding page, and that real name can lead to public property records, social posts, or a LinkedIn profile.

Common doxxing sources to be aware of

  • Public social media and forum posts where people share personal details or photos
  • Image metadata embedded in photos and videos that can include location data. There are many tools available to strip this data.
  • Archived web pages and cached snapshots that preserve old personal info
  • Data broker and people search sites that aggregate public records and commercial sources
  • Breach databases and paste sites where leaked credentials or contact info may appear
  • Domain registration records and business filings that list owners or administrative contacts

Practical countermeasures for creators and teams

Reduce Exposure

  • Audit your public footprint. Search for your key usernames, email addresses, and real name periodically to see what is visible.
  • Avoid reusing the same username or email for public channels and private accounts. Use a dedicated public handle and keep personal accounts separate.
  • Strip metadata from images and video before posting. Many publishing tools and phone settings allow you to remove or disable location metadata.

Lock down accounts and identity signals

  • Use strong, unique passwords and enable two factor authentication on every account that supports it.
  • Use a separate email address for public contact and another for account recovery and personal use. Consider a forwarder or alias service for public-facing contact info.
  • Minimize personal details in social bios and on public profiles. Treat them like press releases, not diaries.

Limit third-party exposure

  • Opt out where possible from people search and data broker listings. Many vendors provide opt-out forms for removing a profile or phone number.
  • Use domain privacy services when registering domains to hide personal contact information in registration databases.
  • Review and tighten privacy settings on platforms you use. Revoke unused third-party app permissions.

Prepare for incidents

  • Keep an incident kit: screenshots, timestamps, copies of the doxxed material, links, and contact info for your lawyer or digital security advisor.
  • Know how to report abusive content on each platform you use and where to submit privacy or DMCA takedown requests.
  • Consider a credit freeze or fraud alerts if sensitive financial identity information is exposed.

Legal and support options

  • If the doxxing includes threats, stalking, or identity theft, document everything and contact local law enforcement.
  • Reach out to nonprofit digital rights and harassment support groups for guidance and referrals. Many organizations also provide template letters and takedown assistance.

Quick checklist to reduce risk

  1. Audit public usernames and emails monthly
  2. Strip EXIF and location metadata before posting media
  3. Use unique passwords and enable two factor authentication
  4. Use domain WHOIS privacy and limit business filings that expose home addresses
  5. Submit opt-outs to major people search sites and data brokers
  6. Maintain an incident kit with screenshots and timestamps
  7. If threatened, contact law enforcement and seek legal counsel

Legal Recourse & Resources

If you or someone you know has been doxxed, there are legal and procedural steps that can help limit the damage:

  • Cease & desist letters: A formal letter sent by an attorney can sometimes stop further sharing of private information. It establishes a legal record that the activity is unwanted and harmful.
  • Takedown requests: Victims can file DMCA notices (for copyrighted material such as photos) or privacy takedown requests with platforms like Google, Twitch, and X. Each platform has its own form for reporting non-consensual personal information.
  • Law enforcement: In the U.S., doxxing may fall under cyberstalking, harassment, or identity theft laws, depending on what information was shared and how it was used. Victims can file police reports to create a documented case.
  • Civil action: Victims sometimes pursue lawsuits for invasion of privacy, intentional infliction of emotional distress, or damages related to threats and financial loss.
  • Data protection laws: In Europe and other regions, the GDPR and similar frameworks can be leveraged to demand removal of personal data that was published without consent.

Support & Advocacy Groups