WP's site helpfully tries to show "this person's other phone numbers". My guess is it's acquired via credit institutions when you use that number for 2FA with a bank (since honestly, what the hell, virtually no bank supports U2F/TOTP 2FA and demand phone numbers, ugh)
I don't know how they match it in the backend, often it's wrong (and results in innocent parties being attacked).
I usually recommend completely prepaid lines for this to prevent hijackers from using the good old social engineering trick to hijack their accounts via customer service by providing last 4 of various identifiers. But these still eventually show up after you add the number to enough 'traditional' accounts. One of my friends (female, streamer) has gotten police at her house at 3 am with guns drawn so many times it's ridiculous. At least in many parts of, if not the entire US, trying to swat someone is legitimately trying to do your hardest to murder them.
This honestly should be made illegal, there is no reason for these services to exist, or for public records to be made available at all other than rate limited, in person without the ability to take a copy. Exceptions can be made for elected officials.
I do a bunch of stuff in the gaming space, and WP has been one of the bigger causes of pain for streamers. Often separate 2FA-only - to prevent account hijacks - cellphones that are paid monthly and used nowhere else still show up, and the result is attempted murder (via swatting). This happens so frequently it's absurd.
None of this is opt in, all of it is extremely unwanted, and those companies really should not exist.
Unfortunately, this isn't the case in 2010+, where the WP site purchases tons of info from data brokers to sell. You don't need a landline or to opt in.
It isn't that I'm playing a game, it's that game anticheat these days will collect and send so much PII 24/7 even when there is no game running, and the anticheat service is NOT removed when you uninstall the game that loaded it. And of course the anticheat service blocks VMs / will ban you if it detects VMware, VirtualBox, etc.
I'm wondering what happens to company data that's been exfiltrated by these anticheat services or how it's protected
Should I just try to expense a cheap Thinkpad then? To be clear, this was not a corporate issued device, it is my home PC that I installed the VPN client on - my work is largely done in a browser on a "LAN" website. The VPN client won't connect unless I have AV up to date and windows updates up to date