10 minutes of reading

The exposure of Dow 30 board members on people search sites

More than 6 months ago, on December 4, 2024, the CEO of UnitedHealthcare was tragically shot and killed in New York City. Although the exact reasons for this crime have not yet been determined, it is evident that it was not a random act of violence.

The main suspect in this case is currently facing several charges, including two related to “stalking.”

Crimes like this often involve a phase where the perpetrator gathers information, selecting and tracking their victim using various resources. People search sites (PSS) offer a convenient summary of the type of information someone with bad intentions might need to carry out their plans.

While these websites are not the only way to gather such information, they are among the most accessible and comprehensive resources available to the public.

For this reason, the research team at Incogni investigated how likely it is for board members to be found on people search sites.

Furthermore, our team of researchers investigated the frequency of data breaches within each of the Dow 30 (Dow Jones Industrial Average) companies, considering this as a key factor in assessing how employee data security is managed.

Below is a summary of our findings.

Table of Contents
Key insights
General overview
Exposure of board members based on the sector they work in
Are board members of either gender likely to be exposed more often?
Does the state of residence influence exposure on people search sites?
Do data breaches influence exposure rates?
Is there a link between revenue and board members’ exposure?
What personal information of board members is potentially exposed online
Conclusions
Methodology
Public data

Key insights

These are some of the main findings of both the Incogni and McDermott et al. studies:

  • Nearly three-quarters of the board members investigated are likely to be found on at least one people search site.
  • Of the board members likely to have data exposed on PSS, 77.6% are likely to be found on three or more people search sites.
  • Directors in companies classified as producing consumer staples are the most exposed, with 84% likely appearing on at least one people search site.
  • Male board members have their data exposed more frequently than their female counterparts, at 76% compared to 68%.
  • Within the Dow 30, the Consumer Staples, Industrials, and Technology sectors have each experienced two employee data breaches since 2009.

General overview

For this research, Incogni closely examined the online privacy of 325 board members from Dow 30 companies. 

Out of this group, only 20 board members had their basic information, such as age and state/city of residence, hidden from public access, making it difficult to search for them on people search sites. Additionally, 18 board members reside outside the US and were therefore excluded from checks for data availability on these sites.

For the remaining 287 board members, our team used Incogni’s scanning technology to determine how many are likely to be found on people search sites.

Here is what they found:

  • Board members are exposed online: Of the 287 board members considered, 223 likely had their personal information exposed on at least one people search site. 

This means that 73% likely have their personal information available online.

  • Private industry is as lax about privacy as the public sector: When we compared the exposure of US House members in 2024 to that of Dow 30 board members, we found that both groups have a similar likelihood of having their personal information exposed. 

About 75% of US House members and 73% of Dow 30 board members are likely to have their data available online.

To understand the extent of the problem, Incogni’s research team also looked at how many people search sites had information on each exposed board member.

The basic rule is straightforward: the more people search sites that display a board member’s information, the less private their personal details are. This can have serious consequences, as it makes it easier for someone, including those with malicious intentions, to gather their information.

Here’s a brief summary of the findings:

  • Fewer than a quarter of board members are likely listed on just one or two people search sites.
  • This means that over three-quarters (76%) are likely listed on three or more sites.
  • More than a quarter (26%) are likely listed on over 20 sites.
  • 17% of board members are likely listed on 25 or more people search sites.

Exposure of board members based on the sector they work in

The Dow 30 includes companies from various sectors, such as industrials, technology, and financials, among others.

Our research team examined the exposure of board members based on the sectors they represent in order to identify any differences.

Board members from companies in the Consumer Staples sector are the most likely to be found on people search sites, with 84% likely exposed, followed by board members from the Industrials (81%), Technology (77%), and Consumer Discretionary (73%) sectors.

Conversely, board members from the Communications sector are the least exposed, with 53% likely found on these sites, followed by those in the Energy and Materials sector (60%) and Healthcare (62%).

It’s important to note that no industry—or individual company—has fewer than half of its board members likely exposed on people search sites. This suggests that companies either do not take special measures to protect the privacy of their board members or that measures they do take are ineffective.

Are board members of either gender likely to be exposed more often?

Another aspect our team explored was the exposure of board members on people search sites based on gender.

Males are slightly more likely to be found, with 76% likely exposed, compared to 68% of female board members.

Although the difference is not significant, the data suggests that both genders have a high likelihood of having their personal information exposed on these platforms.

Does the state of residence influence exposure on people search sites?

Our research team also determined whether a board member’s primary state of residence influences their likelihood of being exposed.

Each state has its own privacy regulations, which affect how easily—or even if—it is possible to remove individuals from people search sites.

California is often cited as a leading example of a state with strong privacy laws, thanks to the California Consumer Privacy Act (CCPA), which is considered one of the strictest privacy regulations in the US.

For the analysis, the Incogni team focused on states and districts with ten or more board members: California, New York, Texas, Florida, Illinois, New Jersey, DC, and Ohio. States with fewer board members were excluded, as small sample sizes can distort statistical data.

Here are the findings:

  • Florida (87%) and Illinois (85%) have the highest likelihood of board members being discoverable, followed closely by New York (84%).
  • California, despite its strict privacy laws, is not far behind, with 76% of board members likely exposed.

Ohio rounds out the list, with 73% of board members likely exposed.

Do data breaches influence exposure rates?

Given the high numbers of board members being exposed on people search sites, we wanted to determine whether the companies and industries in question have also demonstrated data vulnerabilities in the past. 

To do this, our research team examined instances of data breaches experienced by the Dow 30 companies.After reviewing news reports on breaches experienced by these companies, our research team identified a total of 56 data-breach incidents of varying severity. However, upon comparing the number of breaches to the exposure of board members, no correlation was found.

However, when our research team categorized the breaches into those affecting customer/user data and those exposing employee data (with nine such breaches identified), our team observed that: 

  • Industries that have experienced more employee data breaches tend to have a higher likelihood of their board members being exposed on people search sites.
  • The three sectors with the highest exposure rates for their board members—Technology, Industrials, and Consumer Staples—are also the only sectors that have experienced two employee data breaches.

Although the sample size is small, there seems to be a correlation between the frequency of employee data breaches and the exposure of board members on people search sites. While we cannot establish causality, this finding is consistent with there being management-level attitudes influencing both the protection of regular employee data and the extent to which board members take precautions to limit their online data exposure.

Is there a link between revenue and board members’ exposure?

One might assume that board members of companies with the highest revenues would enjoy better protection compared to those from less profitable companies. Our research team explored whether there is a connection between a company’s revenue and the privacy of its board members.

The revenues of companies on the Dow 30 index range from $5 billion (Sherwin-Williams) to $170 billion (Walmart). Even those at the lower end of the revenue spectrum are considered wealthy—especially compared to standard businesses—and should have the resources to effectively protect their board members’ privacy. 

However, the results seem to challenge this assumption.

Moreover, our team identified some potential patterns when analyzing the likelihood of board members being found on people search sites in relation to their companies’ revenues:

  • Revenue seems to matter little: There appears to be no correlation between revenue and exposure rates—companies with revenues above $50 billion have exposure rates similar to those of companies with revenues below $10 billion.

Some companies seem to protect their board members’ privacy better than others: While the average exposure rate across all companies is over 70%, some companies defy this trend, with only 30% of their board members likely exposed.

What personal information of board members is potentially exposed online

People search sites are essentially services operated by data brokers—companies that specialize in collecting and selling personal information.

These websites enable users to search for individuals using basic details such as first and last name, city of residence, and age or date of birth.

Incogni researchers examined the sites that likely exposed the most board members, assessing what data they claim to possess and make available to the public.

The extent of personal information available on people search sites is alarming, providing access to a wide array of details about individuals.

  • People search sites claim to reveal a variety of personal details, including public records, phone numbers, and even property values.
  • Home addresses and relatives are the two types of information potentially exposed across all the people search sites investigated.

Our team was able to uncover all this data using publicly available data, such as name, date of birth, and city or state of residence for each board member.

Conclusions

Board members are, by default, more exposed than other employees. They typically receive the highest salaries, making them potential targets for criminals, and they are responsible for key company decisions, which can sometimes be unpopular with colleagues or the general public.

Board members are already vulnerable due to their positions. The additional exposure from people search sites, which includes not only professional but also personal information, should be a significant concern for both the board members and their companies.

The tragic shooting of the UnitedHealth CEO on December 4, 2024, serves as a stark reminder that holding a prominent position in a company can lead to individuals being targeted.

Incogni’s study is aimed at raising awareness among not only board members but all individuals that their information is exposed online—no matter how tall their fences are—and that this exposure carries inherent risks.

Methodology

Incogni’s researchers investigated whether members of the Dow 30 boards of directors likely have their data exposed online. The sample, collected on January 28th, 2025, includes 346 board members. Notably, 18 of these individuals served on two or more boards, resulting in a total of 325 unique individuals.

If a board member was found to reside outside the US, they were removed from the sample. Our researchers then checked dozens of people search sites for each board member using publicly available data. These searches were conducted on April 9th and 10th of 2025.

Company revenues were gathered from various sources and reflect the most recent quarterly disclosures as of February 3rd, 2025. For data breaches, we relied on search engines to identify only those breaches that were reputably reported.

When querying people search sites for board members’ personal information, we used an algorithm to establish potential matches between the individual sought and the profiles found. The algorithm assigns a match ranking for each data point based on the difference between the query and potential matches. These rankings are averaged to present an overall match ranking, expressed as a percentage. For this study, we considered a board member discoverable on people search sites if the match probability was 75% or higher.

Public data

Due to the nature of our research, for this particular study, we’ve decided to not share our research materials.

Is this article helpful?
YesNo
Scroll to Top