The education profession relies on teachers being accessible to their students and families and open to sharing with colleagues. But a little information can be a dangerous thing.
For one former middle school art teacher in Baltimore County, it started with a group of students Zoom-bombing her class. But when a home address linked to her family became public, she said pranks escalated to falsely calling emergency services, commonly called “SWATing.”
“My poor 60-year-old parents were woken up to a full SWAT team in the middle of the night,” she said. “Thankfully, nobody was hurt and [the police] quickly realized it was a hoax.”
“When I Googled my name after the incident, the very first site listed my address as my parents’ address,” said the woman, who left teaching in 2022.
While educators have always been vulnerable to student pranking, experts say the malicious use and release of personal information is a rising problem for teachers, and legal protections are not keeping up.
“Schools all across the country are all dealing with these issues [of teacher privacy protection] at the same time,” said Ronn Nozoe, the executive director of the National Association of Secondary School Principals. “There’s no playbook for how to deal with this, so folks are having to invent them on their own.”
Teachers often are higher-profile than other school employees, and public debates over curriculum, LGBTQ+ protections, and other issues often put teachers in the crosshairs of cyberattackers.
“Individual educators’ social media has become more heavily scrutinized, and the kind of thing that certain [cyberbullying] groups have grabbed onto,” said David Sallay, the director of youth and education at the Future of Privacy Forum and a former chief privacy expert for the Utah state department of education.
Yet educators are more likely to be threatened or actually doxxed by their students or parents than outside groups, according to a nationally representative survey this April by the EdWeek Research Center.
One in 20 educators reported their students have threatened to or actually released private information—including home addresses, photos, and social media posts—and an equal share said parents have done the same.
While there are no federal data on private information releases, an annual survey by the security firm SafeHome.org suggests educators’ experiences are in line with those of Americans more broadly. As of 2024, about 4 percent of U.S. adults surveyed reported they had been the victim of a doxxing attack, and 1 in 5 victims said information about their families had been shared.
Here’s what educators need to know to protect their information.
What is doxxing?
Doxxing—evolved from slang for “dropping documents"—is cyberbullying in which someone reveals or uses sensitive personal, financial, or other information to damage or embarrass the victim.
“The reality is that county records [of mortgage information and political party information], public databases like Spokeo, BeenVerified, Spydialer, and other reverse search engines can render you, me, and anyone else vulnerable to doxxing because they can provide phone numbers, addresses, family member names, and more,” said Sameer Hinduja, a co-director of the Cyberbullying Research Center and criminology professor at Florida Atlantic University.
Doxxing can escalate to other harassment, Hunduja said, including online or live stalking, SWATing, or identity theft. For example, the American Federation of Teachers collected nearly 12,000 signatures for a petition to the head of Instagram to restrict anonymous school “confession” channels on the social media platform in which students post teacher and classmate pictures and information without consent, often provoking harassment.
“Because ‘confessions’ accounts are anonymous, they can quickly morph into vicious cyberbullying,” said AFT President Randi Weingarten. “Educators are often reluctant to talk about these accounts because it brings more attention to the rumors, bullying and their schools. And we also know that sometimes teachers are the targets, and their personal information is shared.”
Releasing personal information can also undermine teachers in class discipline or engagement with families, Sallay said.
What can educators do to safeguard their information?
While some doxxers break into victims’ private files, much information is publicly available but taken out of context—for example, a teacher’s comments in an adult social media group that are then broadcast to students or the public. The best protection, experts say, is to keep personal and professional lives as separate as possible.
“You are a public figure when you’re a teacher. You might not feel like it, you’re not running for office, but you are a public figure,” Sallay said. “So just try and be thoughtful of what are the materials [you as a teacher] are putting there publicly. Ask yourself, if this became public, if a group of parents got a hold of this, what might they do with it?”
Sallay also advised teachers to conduct basic information audits—searching for one’s name on search engines, reviewing access to social media accounts, and so on—regularly.
States have varying levels of protection for online privacy in general and teachers are considered public employees, making their records more accessible than other workers’. Colorado, for example, passed a law in 2022 allowing educators to request to have personal information like home addresses removed from government websites if they or family members receive safety threats—though not preemptively.
What should educators do if they are threatened with doxxing?
If a student or parent mentions, for example, a social media post or photo without threatening to distribute it without permission, educators should think through whether they would be comfortable if it were broadly distributed and consider removing it.
If someone threatens to use or release data to damage a teacher, the National Education Association and AFT both advised their members to document any communication from the person making the threat, and specify whether the person would have needed to break into private accounts to get the information.
“I’m not the kind of person who is anxious or living in perpetual fear. Even after the SWATing attempt, I did my best to move on and continue to do my job to the best of my ability,” said the former Baltimore County teacher. But she now monitors her social media and public information searches and said she regularly uses information removal services. While some companies remove information for free on request, other firms charge to pull down information across platforms.
“I’d just encourage teachers to not be naïve about what their students are capable of and to take extra precautions to avoid being targeted in a harassment campaign,” she said.
What should school and district leaders do to help?
Clear guidance for students and staff is critical, experts say.
In the EdWeek Research Center survey, 41 percent of district administrators said their school system has a policy for dealing with students who attempt to dox teachers. However, only 26 percent of school administrators and 15 percent of teachers said the same, suggesting a disconnect in how well districts explain their guidance.
“Administrators need to specifically delineate penalties for doxxing by students and make sure that the entire student body is clearly aware of this,” Hunduja said.
Administrators should work to limit the ways students or parents can get personal information on teachers. Sallay recommends districts not collect databases of information like staff emails or home phone numbers, to avoid consolidating access to vulnerable information.
“You [as an administrator] might be coming from a good place, but draw a line between personal and professional life” in staff information collected, Sallay said, “because if you are collecting and that personal information becomes more publicly available, someone’s going to misuse it. And most of the time, you don’t really need it.”
Districts can also help educators engage with school communities in safer ways. For example, superintendents should encourage teachers to post photos from class projects on official school social media accounts rather than personal accounts; provide work phones or internet-based phone numbers for teachers to use when communicating with students and families; and restrict recording technology in schools.
“Students bringing in devices and recording or videotaping is just so much more prevalent now, because of smart devices in general,” Sallay said. “So that is a vector that I think teachers need to be aware of.”
Developing a school culture of respect and responsibility is equally important, the NASSP’s Nozoe said.
“We’re not going to ban our way to kids being great digital citizens,” Nozoe said. “Some [technology restrictions] are appropriate and we can leverage those tools, but the larger goal is to make sure that as they’re developing, kids really understand the difference between ethical and unethical use of technology.”