-
A cybercriminal called “SinCity” is selling 53,000 front-side U.S. driver license images on a dark web forum.
-
The ID theft spread across all 50 states, with 90% validity throughout 2026 making them key targets for identity fraud.
-
The initial auction kicked off at $10,000 followed by strict bidding rules, revealing the thriving black market for stolen documents.
Over 53,000 driver license images are now being auctioned off to the highest bidder. These aren’t outdated or expired IDs gathering digital dust. They’re fresh, valid credentials that criminals can exploit immediately.
The seller, using the alias “SinCity,” posted the trove to a notorious dark web forum recently. The listing boasts front-side images of driver’s licenses from every single U.S. state. The real kicker? According to SinCity, 90% of these documents won’t expire until 2026 or later. That makes this collection incredibly valuable for anyone planning identity fraud, fake account creation, or financial crimes.
How Every State Got Hit
Pennsylvania recorded 18,096 stolen licenses, which is massive. Florida tags along 6,375 jeopardized IDs, and Maryland records 4,577. Oklahoma and New York recorded 4,365 and 4,056 in stolen licenses, respectively.
Virginia lost 4,016 licenses, while Illinois contributed 1,444 to the criminal marketplace. Even the smallest states show up in the data. Wyoming, Kansas, and South Carolina each have at least one stolen license in the dataset.
The middle tier tells an equally concerning story. Arizona, Iowa, and Missouri each saw over 1,000 licenses compromised. Georgia accounts for 808, Connecticut for 691, and West Virginia for 638. This geographic spread of stolen data aligns with broader analyses of risk, such as a study identifying the US states most vulnerable to surging identity fraud and cybercrime.
California, despite having the nation’s largest population, shows 616 stolen licenses in this batch. Minnesota, Ohio, and Massachusetts all had hundreds of their residents’ IDs exposed.
States with fewer numbers are not exempt from the jeopardy. Washington, Delaware, and Colorado recorded 345, 275, and 245 licenses, respectively. Texas had 205 jeopardized licenses. The scattered data across all remaining states represents thousands more Americans whose identity documents are now circulating in criminal hands.
SinCity claims the source was a “hacked web service.” This vague explanation could point to numerous possibilities. Someone could have obtained your payment from one of three sources: a compromised DMV database, an internal breach of a third-party identity service, or a hack of a third-party organization that performed background checks.
All three types of organizations process driver license information through their platform for purposes such as age verification, financial services, and employment screening.
The Professional Criminal Operation
The auction structure reveals just how sophisticated these underground markets have become. SinCity set the opening bid at $10,000. Each subsequent bid must jump by at least $5,000. For criminals who want to skip the auction entirely, there’s a “blitz” option. Pay $20,000 right now, and the entire collection is yours.
The timing mechanism adds competitive pressure. Bidding closes exactly 36 hours after the last bid drops. This creates urgency while giving potential buyers enough time to verify the data quality and arrange their cryptocurrency payments.
SinCity isn’t some amateur playing around. “Paid Registration” indicates this account has been active since June 15, 2018, and has posted 407 times. The user has established themselves as a credible user within this community. This incident is part of a thriving underground economy for stolen access, exemplified by other major leaks like the nearly 19,000 WordPress site admin credentials exposed in a major dark web data dump.
They have also earned a reputation as a reputable seller, and both their Autogrant badge and the activity statistics indicate they are a trusted vendor in the underground economy.
The use of these documents may result in the establishment of fake bank accounts and ATM cards in addition to allowing the activity of establishing multiple types of fraudulent accounts by an unknown or unidentified entity with one’s identity.
This fraud will become a serious concern for victims of identity theft, as they will likely not know about the fraud until they attempt to renew their driving licence or are subject to identity verification processes.
By the time victims realize the fraud, criminals have often already opened multiple accounts, racked up substantial debts, or committed crimes using the fraudulent documents. This breach is just another reminder about the vulnerability of even the most basic forms of identification and identification documents in the age of the internet or e-commerce.
For the 53,000 American citizens whose driver’s licenses appear in the SinCity database, the coming years may bring unexpected credit denials, fraudulent accounts opened in their names, complications tied to crimes they did not commit, and countless hours spent trying to restore and secure their identities.
