⚠ Critical finding: Password credentials were exposed in plain text in the Collection #1 breach, representing an active credential-stuffing risk across all linked accounts. DeHashed confirms two additional exposures with plaintext passwords. Recommend immediate cross-reference of exposed credentials against the subject's active email and social platform access.
Digital Footprint. The subject maintains a consistent username pattern — jdoe.93 / jd_writes — across 9 of 11 discovered platforms, enabling high-confidence attribution. Two dormant accounts (pre-2019) contain archived content that may be relevant to the timeline. GPS metadata embedded in two Instagram posts geocodes to Coral Gables, Florida, which correlates with an associate address cluster and a business registration filed under the subject's middle name.
Recommended Next Steps. (1) Subpoena carrier records for linked phone number — Twilio Identity Match flags a SIM swap in January. (2) Conduct shadow analysis on the two geotagged images to establish time-of-day and verify location. (3) Identify beneficial owner of three privacy-proxy domains via registrar legal process. (4) Pull OpenCorporates filing history for the Miami business entity and cross-reference officers against known associate list.
to preview Street View
