CEO of Data Privacy Company Founded Dozens of People-Search Firms

The data privacy company bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of finds this company is operating out of Belarus and Cyprus, and that its founder has launched dozens of people-search services over the years.

Onerep’s “Protect” service starts at $8.33 per month for individuals and $15/mo for families, and promises to remove your personal information from nearly 200 people-search sites. Onerep also markets its service to companies seeking to offer their employees the ability to have their data continuously removed from people-search sites.

A testimonial on

Customer case studies published on state that it struck a deal to offer the service to employees of Permanente Medicine, which represents the doctors within the health insurance giant Kaiser Permanente. Onerep also says it has made inroads among police departments in the United States.

But a review of Onerep’s domain registration records and that of its founder reveal a different side to this company. says its founder and CEO is Dimitri Shelest from Minsk, Belarus, as does Shelest’s profile on LinkedIn. Historic registration records indexed by say Mr. Shelest was a registrant of who used the email address

A search in the data breach tracking service Constella Intelligence for the name Dimitri Shelest brings up the email address Constella also finds that Dimitri Shelest from Belarus used the email address, and the Belarus phone number +375-292-702786. is a people search service whose employees all appear to be from Belarus, and it is one of dozens of people-search companies that Onerep claims to target with its data-removal service.’s website disavows any relationship to, stating quite clearly, “Please note that OneRep is not associated with”

However, there is an abundance of evidence suggesting Mr. Shelest is in fact the founder of Nuwber. Constella found that Minsk telephone number (375-292-702786) has been used multiple times in connection with the email address Recall that’s domain registration records in 2018 list the email address

It appears Mr. Shelest sought to reinvent his online identity in 2015 by adding a “2” to his email address. A search on the Belarus phone number tied to shows up in the domain records for, and DomainTools says this domain is tied to both and CEO and founder Dimitri Shelest, as pictured on the “about” page of

A search in DomainTools for the email address shows it is associated with the registration of at least 179 domain names, including dozens of mostly now-defunct people-search companies targeting citizens of Argentina, Brazil, Canada, Denmark, France, Germany, Hong Kong, Israel, Italy, Japan, Latvia and Mexico, among others.

Those include, a site registered in 2016 which was identical to the homepage of at the time. DomainTools shows the same email and Belarus phone number are in historic registration records for,, and (all domains linked here are to their cached copies at, where available)., circa 2015. Image:

A review of historic WHOIS records for show it was registered for many years to a resident of Sioux Falls, SD for a completely unrelated site. But around Sept. 2015 the domain switched from the registrar to eNom, and the registration records were hidden behind privacy protection services. DomainTools indicates around this time started using domain name servers from DNS provider Likewise, first appeared in late 2015, was also registered through eNom, and also started using for DNS at nearly the same time.

Listed on LinkedIn as a former product manager at between 2015 and 2018 is Dimitri Bukuyazau, who says their hometown is Warsaw, Poland. While this LinkedIn profile ( does not mention Nuwber, a search on this name in Google turns up a 2017 blog post from, which laid out a number of reasons to support a conclusion that OneRep and were the same company.

“Any people search profiles containing your Personally Identifiable Information that were on were also mirrored identically on, down to the relatives’ names and address histories,” wrote. The post continued:

“Both sites offered the same immediate opt-out process. Both sites had the same generic contact and support structure. They were – and remain – the same company (even advocates this fact:”

“Things changed in early 2016 when began offering privacy removal services right alongside their own open displays of your personal information. At this point when you found yourself on OR, you would be provided with the option of opting-out your data on their site for free – but also be highly encouraged to pay them to remove it from a slew of other sites (and part of that payment was removing you from their own site,, as a benefit of their service).”

Reached via LinkedIn, Mr. Bukuyazau declined to answer questions, such as whether he ever worked at However, Constella Intelligence finds two interesting email addresses for employees at, and, which was registered under the name “Dzmitry.”

PrivacyDuck’s claims about how appeared and behaved in the early days are not readily verifiable because the domain has been completely excluded from the Wayback Machine at The Wayback Machine will honor such requests if they come directly from the owner of the domain in question.

Still, Mr. Shelest’s name, phone number and email also appear in the domain registration records for a truly dizzying number of country-specific people-search services, including,,,,,, and

The same details appear in the WHOIS registration records for the now-defunct people-search sites,,, and, a people-search service for French citizens.

The German people-search site

A search on the email address suggests Mr. Shelest was previously involved in rather aggressive email marketing campaigns. In 2010, an anonymous source leaked to KrebsOnSecurity the financial and organizational records of Spamit, which at the time was easily the largest Russian-language pharmacy spam affiliate program in the world.

Spamit paid spammers a hefty commission every time someone bought male enhancement drugs from any of their spam-advertised websites. Mr. Shelest’s email address stood out because immediately after the Spamit database was leaked, KrebsOnSecurity searched all of the Spamit affiliate email addresses to determine if any of them corresponded to social media accounts at (at the time, Facebook allowed users to search profiles by email address).

That mapping, which was done mainly by generous graduate students at my alma mater George Mason University, revealed that was used by a Spamit affiliate, albeit not a very profitable one. That same Facebook profile for Mr. Shelest is still active, and it says he is married and living in Minsk (last update: 2021).

The Italian people-search website

Scrolling down Mr. Shelest’s Facebook page to posts made more than ten years ago show him liking the Facebook profile pages for a large number of other people-search sites, including,,,,,,,,,,,,,,,,,,,,,,,,,,,,, and many country-code variations of (e.g., and

The people-search website finds that all of the domains mentioned in the last paragraph were registered to the email address

Mr. Shelest has not responded to multiple requests for comment. KrebsOnSecurity also sought comment from, which likewise has not responded to inquiries about its founder’s many apparent conflicts of interest. In any event, these practices would seem to contradict the goal Onerep has stated on its site: “We believe that no one should compromise personal online security and get a profit from it.”

The people-search website

Max Anderson is chief growth officer at 360 Privacy, a legitimate privacy company that works to keep its clients’ data off of more than 400 data broker and people-search sites. Anderson said it is concerning to see a direct link between between a data removal service and data broker websites.

“I would consider it unethical to run a company that sells people’s information, and then charge those same people to have their information removed,” Anderson said.

Last week, KrebsOnSecurity published an analysis of the people-search data broker giant Radaris, whose consumer profiles are deep enough to rival those of far more guarded data broker resources available to U.S. police departments and other law enforcement personnel.

That story revealed that the co-founders of Radaris are two native Russian brothers who operate multiple Russian-language dating services and affiliate programs. It also appears many of the Radaris founders’ businesses have ties to a California marketing firm that works with a Russian state-run media conglomerate currently sanctioned by the U.S. government.

KrebsOnSecurity will continue investigating the history of various consumer data brokers and people-search providers. If any readers have inside knowledge of this industry or key players within it, please consider reaching out to krebsonsecurity at