The OneRep Scandal: When Your Privacy Company Owns the Data Brokers It's Supposed to Scrub

On March 14, 2024, Brian Krebs published an investigation that should have ended OneRep. The data-removal company's Belarusian founder, Dimitri Shelest, had personally launched dozens of people-search sites since 2010 — including Nuwber.com, a still-active broker that OneRep itself counts among the sites it scrubs for paying customers.

It took Mozilla, OneRep's biggest partner, more than 20 months to actually walk away. The story is a case study in why the alignment of incentives in the data-removal industry matters more than the marketing copy.

One-sentence answer: The OneRep scandal refers to KrebsOnSecurity's 2024 finding that OneRep's CEO founded and partially owned the very people-search broker (Nuwber) his company sells removal services from — a conflict that ultimately led Mozilla to shut down its Monitor Plus product on December 17, 2025.

TL;DR

• Krebs' March 2024 investigation found OneRep CEO Dimitri Shelest had founded roughly 179 people-search domains, including the still-active Nuwber.
• Shelest admitted founding Nuwber and retaining a financial stake. He claimed "zero crossover" with OneRep.
• Mozilla said it would drop OneRep in March 2024. Krebs reported in February 2025 that Firefox users were still being shown OneRep promotions nearly a year later.
• In November 2025, Mozilla finally announced Monitor Plus would shut down on December 17, 2025, with prorated refunds.
• The lesson is structural: a privacy company that owns the brokers it scrubs has incentives pointed in two directions at once.

The original investigation

Shelest, a Belarusian entrepreneur, founded Nuwber in 2015. He also founded OneRep — a service that markets itself as removing your personal information from people-search sites — around the same time. Krebs' research, based on historical WHOIS and corporate records, tied Shelest to roughly 179 domains in the people-search and broker space.

When confronted, Shelest issued a written response acknowledging that he founded Nuwber, that he still held an ownership stake, and that "any other old domains that may be found and associated with my name are no longer being operated by me." He maintained that Nuwber and OneRep had "zero crossover or information-sharing."

That distinction did not land well. Selling a removal service while owning a removal target is the structural problem regardless of whether the two systems exchange data. It is the conflict of interest itself that the customer is paying to avoid.

Mozilla's slow exit

OneRep had been the engine behind Mozilla Monitor Plus, the paid tier of Mozilla's free breach-monitoring tool that bundles Firefox. When Krebs' story broke, Mozilla told reporters it would wind down the partnership.

Then nothing visible happened.

In February 2025, Krebs published a follow-up titled "Nearly a Year Later, Mozilla is Still Promoting OneRep". Firefox users were still being upsold into Monitor Plus, which still routed to OneRep on the backend. Mozilla cited contractual obligations and the difficulty of replacing a provider mid-subscription.

It was not until November 2025 that Mozilla finally announced a real end date. According to the official Mozilla support page, Monitor Plus shut down on December 17, 2025, with automatic prorated refunds for active subscribers. Krebs called it the end of "Two-Faced Onerep". Mozilla framed it as a refocus on its free Monitor product and its VPN.

Either way, it took 20 months from disclosure to action — and the original conflict was never adjudicated, only abandoned.

Why this matters beyond OneRep

A data-removal industry is healthy when the removal companies are pointed in the opposite direction from the brokers. The OneRep case exposed a structural failure: nothing prevents the same person from operating both sides of the trade.

It is not the only example. Avast — whose BreachGuard product competes in the same removal category — was fined $16.5 million by the FTC in February 2024 for selling user browsing data through its subsidiary Jumpshot while marketing itself as a privacy product. Different mechanism, same logic: a privacy company monetizing the surveillance it claims to protect against.

If you are paying for data removal, the basic questions to ask are:

1. Does the company or its leadership own any people-search or broker sites?
2. Does it sell, share, or "anonymize and license" user data?
3. Does it take affiliate revenue from competitors or from brokers?
4. Who owns the parent company, and what else do they own?

Answers to those questions should be public, on the company's site, and verifiable. If they are not, that is the answer.

What OneRep customers should actually do

If you were on Monitor Plus or are a current OneRep customer:

• Verify your subscription status. Mozilla refunds are automatic for unused Monitor Plus time, but OneRep direct customers need to check their account.
• Re-scan your name on the major people-search sites. Spokeo, Whitepages, BeenVerified, Radaris, MyLife, Intelius, and yes, Nuwber. If you appear, file fresh opt-outs.
• Decide on a successor. The honest 2026 comparison of Incogni, DeleteMe, Optery, and Leak Check Me walks through the trade-offs.
• Read the broker landscape. Our explainer on what a data broker is and how the $290 billion industry actually works is a useful frame for whatever you choose next.

The broader pattern

This is the pillar argument we keep coming back to: the harm is not any single leak, it is the link between sources. A privacy company that owns the link is selling you the wound and the bandage from the same shelf.

The OneRep story does not mean every data-removal service is compromised. Most are not. But it does mean the default posture of a privacy buyer in 2026 should be skeptical: ask who owns the parent, what other businesses they run, whether the financial model has any hidden seams.

Our stance, plainly

For the record, since the question is reasonable to ask of any company writing about this:

• Leak Check Me does not own, operate, or hold a stake in any data broker or people-search site.
• We do not take affiliate revenue from competitors or from brokers.
• We do not sell, share, license, or "anonymize and license" customer data. We do not run an ad network.
• Pricing is $20 for a one-time scrub mission and an optional $19/month patrol. That is the whole revenue model.

That is not virtuous, it is just structurally aligned. The work we do for you costs the data broker industry money. We want it that way. If our incentives ever drifted, you would notice it in our pricing model first and our writing second.

What you can do today

1. If you're a Mozilla Monitor Plus subscriber, confirm your refund landed and decide on a successor service. Subscriptions ended December 17, 2025.
2. Search your own name on Nuwber specifically. If you are listed, file the opt-out at nuwber.com/removal — same domain that has Shelest's name on the founding documents.
3. Before paying for any privacy service, search the parent company's ownership and the founder's name plus "people search" or "data broker." Five minutes can save a year.
4. If you want a one-time scrub instead of a subscription, that is a thing you are allowed to want. The industry trained you to expect monthly billing forever; it doesn't have to be that way.

If you want help with the scrub itself, Leak Check Me runs the mission for $20 — find the leak, scrub the link, no broker stake on our end. We built it because the OneRep story shouldn't have been possible in the first place.

Sources

• Krebs on Security — Mozilla Drops Onerep After CEO Admits to Running People-Search Networks (March 2024)
• Krebs on Security — Nearly a Year Later, Mozilla Is Still Promoting Onerep (February 2025)
• Krebs on Security — Mozilla Says It's Finally Done With Two-Faced Onerep (November 2025)
• Mozilla Support — Monitor Plus has shut down
• Techdirt — Mozilla Drops New Privacy Partner After CEO Found Tethered To Data Brokers
• FTC — Order Will Ban Avast from Selling Browsing Data for Advertising Purposes (February 2024)