In January 2026, an offshore website calling itself ICE List published the names of roughly 4,500 ICE, Border Patrol, and DHS employees. A DHS whistleblower allegedly fed the operator names, phone numbers, and in some cases home addresses and vehicle details. The site stayed online and triggered a federal investigation and the introduction of S. 1952.
What happened
On January 13, 2026, an offshore website operating as ICE List published a list of approximately 4,500 names alleged to be Immigration and Customs Enforcement, Border Patrol, and other Department of Homeland Security employees. The site's founder told reporters that around 2,000 of those named were frontline enforcement officers and roughly 2,500 were administrative staff. The data published went beyond names. Phone numbers, in some cases home addresses, and in some cases vehicle make, model, and plate information were posted. According to coverage compiled by [Wikipedia's ICE List article](https://en.wikipedia.org/wiki/ICE_List) and the [DHS employee data leak entry](https://en.wikipedia.org/wiki/Department_of_Homeland_Security_employee_data_leak), the source of the underlying data was alleged to be a DHS whistleblower with internal access. DHS opened an internal investigation. The site was hosted outside the United States and remained accessible at the end of January. Senator Marsha Blackburn cited the leak as the motivating incident when she introduced S. 1952, the Protecting Law Enforcement from Doxxing Act.
What happened
On January 13, 2026, a website calling itself ICE List published the names of roughly 4,500 people alleged to be ICE, Border Patrol, and other DHS personnel. The site's founder said around 2,000 of those named were frontline enforcement officers and 2,500 were administrative staff.
Coverage by Wikipedia's ICE List entry and the related DHS employee data leak article reported that the published material included names, phone numbers, in some cases home addresses, and in some cases vehicle details. The underlying records were reportedly supplied by a DHS whistleblower with internal access.
DHS opened an internal investigation. The site was hosted outside the United States and stayed up through the end of January 2026.
How it started
This was an insider leak, not a hack of a broker page. The whistleblower allegedly handed over a curated dataset of agency personnel. The site published it.
The publication step is what makes this an operational threat instead of an HR problem. Once a name is public, every broker site, people-search engine, and reverse-lookup tool resells the home address attached to that name. The data classes the site published, name, phone, sometimes home address, sometimes vehicle plate, are the exact classes that get aggregated and resold every day for anyone whose name is known.
Senator Marsha Blackburn cited the leak when introducing S. 1952, the Protecting Law Enforcement from Doxxing Act, in the weeks after publication.
Why this case matters
Most public reporting on doxxing of federal officers happens one officer at a time. ICE List collapsed the threat surface for thousands of agents and staff into a single weekend. Any actor with a grievance and an internet connection can pick a name off the list and walk it through the standard broker stack to get a home address.
The leak source was internal. The downstream amplification is commercial. That second layer is the part anyone in this position can actually do something about.
What this means for you
If you're an ICE agent, Border Patrol officer, or any DHS employee whose name might be on the list, the immediate concern isn't whether the site exists. It's that anyone reading it can now take the name they got there and look up where you live. That step does not require any technical skill.
The federal Lieu Act covers federal judges. There is no current federal statute that lets federal LE force broker removal the way New Jersey's Daniel's Law lets covered NJ officers and judges sue. Until S. 1952 or a successor passes, the defensive layer is continuous broker removal across every commercial site that lists residences by name.
For more on the doxxing chain and which sites matter most, see /doxxing and /data-brokers.
Editorial rules: Only public, already-reported incidents. Never name a non-public victim. Always end with the prevention takeaway tied to our service. Cite at minimum one public source per claim.
What would have prevented this
ICE List is the federal version of the threat that has been running against state and local officers for years. An insider leaked the source data. The site published the names. Anyone with a name from the list and an internet connection can convert that name into a current home address using the same people-search and broker pages a stalker would use against any sworn officer. The federal [Lieu Act](/laws/lieu-act) covers federal judges only. Federal LE has no equivalent statute. The defensive layer is continuous broker removal across every commercial channel that resells your residence by name. We file opt-outs across 200+ broker sites and re-run the demands when listings come back. When a roster-style leak happens upstream, removal is what shortens the chain between the leaked name and the front door.
Public sources
- ICE List — Wikipedia, 2026-04-01
- Department of Homeland Security employee data leak — Wikipedia, 2026-04-01
- Minnesota Lawmaker Shootings: Killer Used People-Search Data Brokers — Wired, 2025-06-17