Executives face critical risks from Personally Identifiable Information (PII) exposed online. The average executive has 329 pieces of PII exposed publicly, which includes home addresses, phone numbers, car registrations and family information.
Hackers use this public information — gathered from social media, the dark web and other sources — to craft digital and physical attacks. They commonly deceive executives through emails, texts, calls and LinkedIn messages, manipulating executives into sharing sensitive information or taking actions that harm themselves or their company.
Beyond immediate impacts like system breaches or data theft, attacks erode trust—among employees, creditors, policymakers and others—leading to long-term reputational and financial damage. Rally portfolio company Picnic offers a unique solution to mitigate these risks. By continuously discovering and removing exposed data, Picnic helps safeguard executives and their families from such threats.
Picnic Founder and CEO Matt Polak shared a few tips with us on how attackers exploit personal data. Everyone’s online footprint varies, but attackers commonly target three key data sources: LinkedIn, data brokers and the dark web. Here’s how to protect yourself:
- LinkedIn: Avoid sharing specific location details (e.g., use “Greater New York Metro” instead of “Glens Falls, NY”) and remove personal data like birthdays, personal emails or phone numbers from your profile.
- Data Brokers: Using the above information, people can then research you and find additional information via data brokers. One way to limit the information available to data brokers is to limit what you share when signing up for services. Use fake or burner emails and phone numbers to prevent data brokers from aggregating sensitive information.
- Dark Web: The most significant dark web risk involves exposed passwords. Use a password manager, practice strong password hygiene and monitor your email accounts for breached credentials.
PII exposure is an ongoing challenge, with data brokers frequently reposting removed information. Additionally, third-party breaches and everyday digital activities continually expose new data. For executives in high-profile roles, safeguarding personal data is critical in preventing both digital and physical attacks.
Picnic’s continuous monitoring and removal process ensures proactive protection against these evolving threats. You can find more information about Picnic on their website.
