Moments of social and political unrest in the United States today inevitably follow a pattern that sees them spill over from the streets directly into inboxes, comment sections, and private group chats, dragging businesses and institutions into the crossfire. This reality of high stress and tension then amps up the digital risks to your people, your brand, and your data, and it rises just as fast as the volume of posts and hashtags.
Every major wave of unrest or polarizing issue now comes with a parallel front online, such as livestreams, call‑out threads, leaked screenshots, and mass‑circulated contact details. This digital crater then creates space for legitimate activism, but also opens the door to harassment campaigns, doxxing, and social‑engineering scams that target anyone perceived as “involved,” including employers, vendors, and event hosts.
Online hate and harassment are already a daily reality for Americans. One national 2024 survey found that 22% of U.S. adults experienced severe online harassment in the past 12 months, up from 18% the year before; physical threats rose from 7% to 10% in the same period. Pew Research has similarly reported that roughly four in ten Americans have experienced some form of online harassment, with politics cited as a key driver.
As one civil‑rights group put it, “Our public square has moved online, but our protections have not kept pace with the risks.”
The viewpoint above is a warning that the places where opinions are shaped and pressure is applied have shifted from town halls and op‑eds to feeds, DMs, and forums, but the guardrails never followed. Policies, laws, and even most corporate security programs were designed for a slower, more physical world, not one where a viral clip or call‑out thread can unleash thousands of abusive messages, expose home addresses, or spin up a fake fundraising page in a matter of hours. In other words, people and organizations are far more exposed online than the protections around them would suggest.
When unrest spikes, organizations face a cluster of overlapping threats:
Staff and executives being named, tagged, or photographed, then targeted with harassment or doxxing that can spill into stalking or physical intimidation.
Online hate and cyberviolence that disproportionately impact women and marginalized staff; one recent U.S. study found one in four American women have experienced online harassment, including doxxing, stalking, or swatting, with most saying it significantly affected their lives.
Impersonation accounts and fake donation pages that exploit protest narratives to trick supporters, partners, or even your own employees.
Moreover, doxxing is no longer a fringe behavior. Research suggests that around 21% of Americans, roughly 43 million people, have had their personal information exposed online without consent. What's most frightening about the stat above is that most doxxing incidents include home addresses, dramatically raising fear and safety concerns for those targeted.
In 2025, a U.S. Department of Justice prosecutor working on a high‑profile case was doxxed after their name and photo were amplified by a prominent online influencer. Their home address and phone number surfaced across data‑broker sites, and they began receiving threats serious enough that they described identity‑protection services as a “lifesaver.” The episode was part of a broader 250% surge in public‑sector organizations seeking data‑removal support as doxxing and harassment against government workers climbed. The case above, while detailing the impact to a pubic sector employee, applies to the day to day operations of private corporations and individuals as the research from organization SafeHome suggests.
You cannot control the temperature of public debate, but you can reduce how much of that heat reaches your people and systems. Practical moves that even lean teams can take include:
Standing up a focused “unrest watch” that monitors social media, forums, and key deep and dark web sources for your organization’s name, executives, and flagship locations or events, so you can spot doxxing lists, targeted campaigns, or leaked credentials early.
Briefing HR, legal, and communications on clear playbooks for handling online harassment or doxxing of employees, including internal reporting paths, documentation steps, and external messaging.
Tightening access and authentication on high‑risk accounts (social media admins, email marketing tools, cloud collaboration platforms) during high‑tension periods, and explicitly warning staff about phishing and social‑engineering lures that reference current events.
As the security intelligence team at Crisis24 puts it:
“Social unrest is one of the most common types of security incidents that can disrupt business operations and put personnel at risk. Intelligence is one of the most important pieces to safeguarding a business’ operations and personnel during unrest.”
If intelligence is “one of the most important pieces,” the practical question for every corporate security team is: do you actually have an unrest‑ready intelligence function, or just ad‑hoc monitoring that spins up when something trending hits the news? Are you confident you would see your organization’s name on a doxxing list, a fake donation page, or a call‑out thread before employees start forwarding it to you in panic?
For many practitioners, the honest answer is “not yet.” That’s not an indictment of effort; it’s a signal that the threat model has shifted faster than most programs have. The next step is to treat digital unrest the way you treat severe weather or a major outage: build playbooks, assign clear owners, and make sure you have reliable external intelligence to see the storm coming while there’s still time to act.