Search TorNews

Find cybersecurity news, guides, and research articles

Popular searches:

Home » News » Data Breaches » Hacker Claims to be Selling 104 Million Alleged Brazil Vehicle Record

Hacker Claims to be Selling 104 Million Alleged Brazil Vehicle Record

By:
Last updated:July 8, 2026
Human Written
  • A threat actor claims to be selling a database with about 104 million Brazil vehicle records for $700.

  • The listing says the data comes from Detran and includes information linked to the country’s RENAVAM vehicle system.

  • No authority has confirmed a Detran breach, and security experts say the listing should remain unverified until evidence appears.

Hacker Claims to be Selling 104 Million Alleged Brazil Vehicle Record

A threat actor claims to be selling a huge database tied to Brazil’s state traffic agencies. The listing appeared on a well-known cybercrime forum, according to Daily Dark Web Intelligence on X. The seller says the database holds about 104 million vehicle records from 2024. The post also claims the file is about 22 GB in size and is selling for $700.

The data is said to be linked to Detran, Brazil’s state traffic authority, and the country’s RENAVAM vehicle registration system. If the claims turn out to be true, this could become one of the biggest alleged vehicle data listings seen on underground forums in recent years.

However, there is an important catch. Daily Dark Web Intelligence said it has not confirmed that the database is real. The account also said there is no proof that any Detran office suffered a cyberattack. That means the post should only be treated as an unverified claim for now.

Experts Urge Caution Until Evidence Appears

Cybersecurity researchers often warn that dark web sellers do not always tell the truth. Some threat actors recycle old databases. Others combine information from several older leaks. Some even make up listings to attract buyers before disappearing with the money. As such, experts say people should wait for independent proof before accepting claims made on cybercrime forums.

The same caution applies to other Brazilian breach claims, including the alleged Hostoo Brazil breach that reportedly exposed multiple sectors.

Researchers have repeatedly explained that the size of a dataset or its asking price does not prove it is genuine. A listing may look convincing but still contain old, public, mixed, or completely fake information. The seller’s asking price has also raised questions. At first glance, $700 may seem very low for a database that supposedly contains more than 100 million records.

Still, security researchers say this is not unusual in underground markets. Sometimes the information has already spread among criminals. In other cases, sellers lower the price because the data came from older leaks.

There are also situations where the listing exists only to attract buyers without delivering anything valuable. For that reason, experts say buyers and researchers should never judge a database by its price alone.

Why Criminals Value Vehicle Records

Brazil does not operate a single nationwide traffic office. Instead, every state has its own Departamento Estadual de Trânsito, better known as Detran. These offices handle many important services. They issue driver’s licenses. Also they register vehicles. They record ownership changes.

They process traffic fines. Also they also manage many licensing records. Detran offices work alongside RENAVAM, Brazil’s national vehicle registration system. RENAVAM helps keep records for registered vehicles across the country.

If criminals really obtained such a database, it could become valuable for several illegal activities. They could use the information to support identity fraud. They might also create vehicle scams, insurance fraud, phishing emails, or social engineering attacks that target vehicle owners with convincing personal details.

Large government-related databases often attract cybercriminals because they can contain information that helps build detailed profiles of potential victims.

Brazil Continues to Appear in Underground Data Listings

The latest listing also fits a broader trend. Brazil has remained one of the countries that frequently appears in underground cybercrime markets. According to SOCRadar’s Brazil Threat Landscape Report 2024, government agencies and private companies continue to appear in many underground data advertisements.

The report also notes that many of those listings never receive independent verification, so researchers should treat them carefully until evidence becomes available. Kaspersky reached a similar conclusion after studying Brazil’s underground cybercrime scene throughout 2024.

The company reported seeing hundreds of advertisements involving Brazilian databases during the year. According to Kaspersky, some of those listings later proved to contain genuine stolen information. Others turned out to contain recycled data, publicly available records, or completely fabricated claims designed to attract buyers.

That wider pattern helps explain why security researchers remain cautious about the latest Detran listing. The advertised database could point to a real security incident. It could also be another example of criminals exaggerating or inventing claims to make quick money on underground forums.

At the time of publication, no major cybersecurity news outlet has confirmed the alleged database sale. Likewise, no Brazilian authority has publicly reported a breach involving Detran systems. Until new evidence appears, the reported sale remains an unverified claim posted on a cybercrime forum.

Even so, the listing serves as another reminder that government-related information remains valuable in underground markets. Criminals continue to buy, sell, recycle, and advertise both real and fake datasets, making it important to verify every claim before treating it as a confirmed cyber incident.

Share this article

About the Author

Joahn G

Joahn G

Cyber Threat Journalist

Joahn is a cyber threat journalist dedicated to tracking the evolving landscape of digital risks. His reporting focuses on ransomware gangs, data breach incidents, and state-sponsored cyber operations. By analyzing threat actor motives and tactics, he provides timely intelligence that helps readers understand and anticipate the security challenges of tomorrow.

View all posts by Joahn G >
Comments (0)

No comments.