Survey of 421 cybersecurity leaders finds data brokers are viewed as the top attacker intelligence source, while employee data reduction ranks as the top defense and investment priority
Optery today announced the release of its 2026 Enterprise Social Engineering Survey Report, The Data Behind the Deception, based on a survey of 421 cybersecurity leaders across large enterprises.
The report shows a clear shift in how large enterprises are responding to targeted social engineering. Cybersecurity leaders identified data broker and people-search sites as the most significant source of attacker intelligence enabling these attacks, ahead of social platforms and breach data. They also ranked reducing publicly available employee data as both the most widely used proactive defense and the largest investment priority.
Nearly all respondents reported an increase in targeted social engineering over the past 12 months, and approximately three-quarters reported credential compromise resulting from these attacks. The findings point to a central enabler: attackers can easily obtain the personal and professional data needed to identify, profile, and target or impersonate employees. In response, security teams are increasingly focused on addressing the exposed employee data that fuels social engineering in the first place.
“Data broker exposure is not a theoretical risk for organizations,” said Lawrence Gentilello, CEO and founder of Optery. “Leaked ransomware group communications, incident investigations, and government advisories have all shown threat actors using data brokers to identify employees, map organizations, and support targeted social engineering. This report shows that enterprise security leaders are recognizing the same pattern and responding by reducing the employee data attackers use to launch these attacks.”
The report also highlights how attacks are distributed across channels, with organizations reporting confirmed incidents spanning social media, voice, SMS, email, and spoofed domains. No single channel dominates, creating a complex attack surface where defensive strength varies.
Because attacks are reaching employees across many channels and producing compromise, organizations are placing greater emphasis on reducing the exposed personal data attackers use to find and target employees. A strong majority agree that limiting exposed employee data reduces social engineering risk. Most respondents reported that their organizations have implemented or are developing programs to reduce exposed employee data, and the vast majority plan to expand personal data removal coverage across their workforce.
“Targeted social engineering is putting real pressure on enterprise security teams, but the most important finding is where organizations are focusing their response,” said Paul Mander, CCO and General Manager of Optery for Business. “Security leaders are identifying data broker and people-search sites as a major source of attacker intelligence, and they are prioritizing employee data exposure reduction as a result. That points to a meaningful shift in how enterprises are thinking about social engineering defense.”
Additional findings from the report include:
- Attacks are personalized using exposed data, with the majority of respondents reporting tailored targeting of employees
- Respondents believe employee personal and professional data is easily discoverable online, including corporate email format patterns, personal mobile numbers, personal email addresses, home addresses, job titles, reporting structures, and family or associate names
- 77.4% believe employee data is very or somewhat exposed on data broker and people-search sites
- IT and identity-focused roles are the most frequently targeted, significantly ahead of executives
- 76.5% categorize reducing publicly exposed employee data as either a core security initiative or supporting security measure
- More than three-quarters of respondents say limiting employee personal data online is critical or very important as AI-generated attacks become more scalable
- 82.2% plan to expand personal data removal coverage in the next 12 months
The report is based on research conducted by independent agency TrendCandy on behalf of Optery and reflects the perspectives of large-enterprise cybersecurity leaders, primarily at the director, vice president, and executive levels. The margin of error is approximately ±4.8% at a 95% confidence level.
The full report is available here: https://www.optery.com/2026-optery-enterprise-social-engineering-survey-report