// Dark Scrub Blog
What Data Brokers Know About You (And How They Got It)
Go to Spokeo.com right now and search your name. What you'll find might unsettle you: your current address, previous addresses, phone numbers, email addresses, age, estimated income, political affiliation, known relatives, and sometimes even a photo. All of it publicly accessible to anyone who visits the site.
Spokeo is one of hundreds of data brokers operating in the United States. Together, they've built a shadow profile on virtually every American adult — a file you never consented to, can't easily access, and didn't know existed until just now.
Here's what's in that file and how it got there.
The Data
Data brokers collect and aggregate information across dozens of categories. The specific data varies by company, but a typical profile includes the following.
Identity information: Your full legal name, maiden name, aliases, date of birth, and age. For many people, this also includes a Social Security number or partial SSN, though this is typically sold to business clients rather than displayed publicly. Contact information: Current and previous phone numbers (landline and mobile), email addresses (often including old ones you've forgotten about), and current and previous mailing addresses. Household and family data: Names of relatives, roommates, and known associates. Estimated household size. Marital status. Names and ages of children in some cases. Financial estimates: Estimated income range, estimated net worth, home ownership status, estimated home value, mortgage information, and credit score range. These aren't pulled from your bank account — they're inferred from public property records, census data, and purchasing behavior. Demographic and lifestyle data: Education level, occupation, religious affiliation, political party registration, hobbies and interests (inferred from purchase data and online behavior), and vehicle ownership. Digital footprint: Social media profile URLs, online usernames, and in some cases browsing behavior aggregated from tracking cookies and data partnerships. Legal and public records: Court records, bankruptcy filings, liens, judgments, professional licenses, and voter registration records.This isn't speculation. These are the categories listed in data broker registrations filed with the State of California under the DELETE Act.
How They Got It
Data brokers don't hack into your accounts. They don't need to. Your information flows to them through entirely legal channels.
Public records are the foundation. Birth certificates, marriage licenses, divorce records, property deeds, mortgage filings, voter registrations, court records, and professional licenses are all public information in most states. Data brokers purchase bulk access to these records from government agencies or harvest them from publicly accessible databases. Purchase and transaction data comes from retailers, loyalty programs, credit card companies, and e-commerce platforms. When you use a grocery store rewards card, sign up for a warranty, or make an online purchase, the transaction data — what you bought, when, where, and how much you paid — can end up in a data broker's file. This usually happens through data partnerships and "affiliate" agreements buried in the terms of service you didn't read. Social media and online activity is a goldmine. Data brokers scrape publicly available social media profiles for names, photos, locations, relationships, and interests. If your Facebook profile is public, your Instagram is open, or your LinkedIn shows your employment history, all of that information feeds directly into broker databases. Tracking cookies and advertising networks add browsing behavior to the mix. Other data brokers sell to each other. The industry is a web of data partnerships. Acxiom sells to marketing firms, which sell to people-search sites, which sell to background check companies. Your information gets copied, repackaged, and resold through layers of intermediaries, making it nearly impossible to trace the original source. You are also a source. Every time you fill out an online form — a sweepstakes entry, a free trial, a "what's my home worth" calculator — you're potentially feeding data directly to brokers. Many of these forms exist primarily to collect personal information for resale.Why It Matters
The standard response to data broker exposure is "I have nothing to hide." Here's why that's the wrong framework.
Physical safety. Your home address is publicly searchable. If you're a domestic violence survivor, a public figure, a teacher, a healthcare worker, a judge, or anyone who has ever been harassed or threatened, that address listing is a direct safety risk. Data brokers don't evaluate who's searching for your information or why. Identity theft. Data brokers provide the building blocks for identity fraud. A scammer who knows your full name, date of birth, current address, previous addresses, and relatives' names has enough information to pass many identity verification checks. The 2024 National Public Data breach exposed an estimated 2.9 billion records — and that was a single data broker. Targeted scams. The more a scammer knows about you, the more convincing their phishing attempts become. If they know your name, your bank, your recent purchase history, and your employer, they can craft an email or phone call that feels legitimate. Data broker files provide exactly this kind of detail. Professional consequences. Background check companies purchase data from data brokers. Old addresses, estimated income, inferred political affiliations, and other data points can surface in employment screening, rental applications, and professional licensing reviews — sometimes inaccurately. The compounding problem. Each individual data point might seem harmless in isolation. Your name is public. Your address is on your driver's license. Your phone number is in the directory. But when a data broker combines all of these into a single, searchable profile and makes it available to anyone with an internet connection, the aggregate creates a detailed picture of your life that no single source was intended to provide.What You Can Do About It
The data broker industry thrives on inertia. Most people don't know their data is being sold, and the ones who do find the removal process too tedious to complete.
But removal is possible.
Start with a self-audit. Search yourself on the major people-search sites (Spokeo, BeenVerified, Whitepages, TruePeopleSearch, FastPeopleSearch, Radaris) to understand your current exposure. You can't fix what you can't see. Opt out of the highest-risk sites first. Prioritize sites that display your full address and phone number publicly. These are the ones that create the most immediate safety and privacy risk. Reduce the sources. Lock down social media privacy settings. Stop using loyalty cards and rewards programs tied to your real identity. Use a burner email for online forms. Remove yourself from voter registration public lookups where your state allows it. Consider professional help. The DIY approach works, but it takes 15-20 hours for the initial round and requires ongoing maintenance. Professional removal services handle the process for you and re-check for re-listings.We've published a complete step-by-step removal guide on this blog: How to Remove Yourself from Data Brokers in 2026.
Dark Scrub is a privacy consulting service. We help individuals take control of their digital exposure through data broker removal, facial recognition auditing, and privacy consulting. Learn more at darkscrub.com.
Too much work? We handle all of this for you — verified, encrypted, and thorough.
View Service Tiers