Dossieraggio is an Italian term for compiling personal dossiers or using personal information in a harmful, abusive, or manipulative way. In a digital context, it means collecting, combining, and exploiting records, logs, contacts, or archives to profile someone beyond what they expected to reveal.
In cyber security, dossieraggio matters because it often relies on trusted access rather than malware. An insider, or anyone with valid credentials, may search databases, export records, or correlate different sources to build a detailed profile. That makes it harder to detect than a classic external intrusion. Defenses include strong access control, least privilege, data segmentation, and audit logging so unusual lookups and bulk exports stand out. Organizations handling sensitive public or private data should also review access patterns and separate archives that should not be freely searchable together. The core risk is not just data theft, but the abusive transformation of legitimate information into a tool for surveillance, pressure, or privacy violations.



