December 2024’s tragic shooting of United Healthcare CEO Brian Thompson marked a chilling inflection point in the online hostility towards corporate executives. Since the subsequent arrest of Luigi Mangione, the analysts at Flashpoint have observed a significant rise in ideologically motivated threats targeting CEOs and key personnel ranging from doxxing and location tracking, to targeted harassment, and threats of physical violence.
The Emergence of “Luigi Was Right” and “The CEO Database”
In April 2025, the company identified a website paying homage to Mangione, exposing the business and personally identifiable information of CEOs and executives from over 1,000 companies. Although the site appeared to go offline on May 29th, with portions archived via the Wayback Machine—a new site, The CEO Database, quickly appeared later that day with even more data including personal and work numbers, and LinkedIn accounts. At time of publication, The CEO Database is currently down.
Exposed information includes:
- Company name
- Job title
- First and last name
- Mobile
- Office
- Personal LinkedIn URL
- Website
- Department
- Company valuation
- Seniority
The Evolving Cyber Threats to Executives
While it’s assessed that the information contained in the list alone likely does not pose a significant physical threat, further analysis performed by threat actors could present a significant risk. Personal information can be weaponized in numerous ways by threat actors:
- Harassment and surveillance: Malicious actors may use listed numbers to directly contact or harass individuals. Additionally, they could perform research to locate home addresses or family members.
- Phishing and ransomware: Using AI-generated content, threat actors can craft credible, multilingual phishing lures containing ransomware or other types of malware, targeting executives or their organizations.
- Deepfake-enabled fraud: Video and audio deepfakes can be used for impersonation, extortion, or reputational attacks.
Protect Executives Using Flashpoint
Today’s executives find risk at the intersection of digital threats and physical actions. Protecting key personnel requires targeted, proactive analysis and action—converting raw data into actionable insights that can be leveraged by security teams.
This task becomes increasingly more complex with each passing day. As such, organizations need comprehensive threat and open-source intelligence that provides security teams with a wealth of timely information, as well as the tools to quickly turn it into meaningful signals.
This post was originally created and shared by Flashpoint.
