The man who allegedly assassinated a Democratic Minnesota state representative, murdered her husband, and shot a state senator and his wife at their homes in a violent spree early Saturday morning may have gotten their addresses or other personal details from online data broker services, according to court documents.
Suspect Vance Boelter, 57, is accused of shooting Minnesota representative Melissa Hortman and her husband, Mark Hortman, in their home on Saturday. The couple died from their injuries. Authorities claim the suspect also shot state senator John Hoffman and his wife Yvette Hoffman in their home earlier that night. The pair are currently recovering and are “incredibly lucky to be alive,” according to a statement from their family.
According to an FBI affidavit, police searched the SUV believed to be the suspect’s and found notebooks that included handwritten lists of “more than 45 Minnesota state and federal public officials, including Representative Hortman’s, whose home address was written next to her name.” According to the same affidavit, one notebook also listed 11 mainstream search platforms for finding people’s home addresses and other personal information, like phone numbers and relatives.
The addresses for both lawmakers targeted on Saturday were readily available. Representative Hortman’s campaign website listed her home address, while Senator Hoffman’s appeared on his legislative webpage, The New York Times reports.
“Boelter stalked his victims like prey,” acting US attorney Joseph Thompson alleged at a press conference on Monday. “He researched his victims and their families. He used the internet and other tools to find their addresses and names, the names of their family members.” Thompson also alleged that the suspect surveilled victims’ homes.
The suspect faces several charges of second-degree murder.
Privacy and public safety advocates have long argued that the US should regulate data brokers to guarantee that people have better control over the sensitive information available about them. The US has no comprehensive data privacy legislation, and efforts to regulate data brokers from within federal agencies have largely been quashed.
“The accused Minneapolis assassin allegedly used data brokers as a key part of his plot to track down and murder Democratic lawmakers,” Ron Wyden, the US senator from Oregon, tells WIRED. “Congress doesn’t need any more proof that people are being killed based on data for sale to anyone with a credit card. Every single American’s safety is at risk until Congress cracks down on this sleazy industry.”
In many cases, basic information like home addresses can be found through public records, including voter registration data (which is public in some states) and political donations data, says Gary Warner, a longtime digital scams researcher and director of intelligence at the cybersecurity firm DarkTower. Anything that isn’t readily available through public records is almost always easy to find using popular “people search” services.
“Finding a home address, especially if someone has lived in the same place for many years is trivial,” Warner says. He adds that for “younger people, non-homeowners, and less political people, there are other favorite sites” for finding personal information.
For many in the general public as well as in politics, Saturday’s violent crime spree brings new urgency to the long-standing question of how to protect sensitive personal data online.
“These are not the first murders that have been abetted by the data broker industry. But most of the previous targets were relatively unknown victims of stalking and abuse,” alleges Evan Greer, deputy director of the digital rights group Fight for the Future. “Lawmakers need to act before they have more blood on their hands.”
