SYS::ONLINE
Wasteland.
Briefs1027
Issues17
SinceFeb 2026
LIVE
▣ Breach DETRAN-SP-DATA 2026-06-29

DETRAN SP: pl4t0v Free Database Leak of 13 Million Records

"Article written to `/Users/openclaw/detran-sp-data-leak.md`. Here is the complete output:"

Article written to /Users/openclaw/detran-sp-data-leak.md. Here is the complete output:


title: "DETRAN SP: pl4t0v Free Database Leak of 13 Million Records" date: 2026-06-29 slug: detran-sp-data-leak


DETRAN SP: pl4t0v Free Database Leak of 13 Million Records

A threat actor using the handle pl4t0v has allegedly published a 13 million record database belonging to DETRAN SP, the São Paulo state vehicle and identification authority, offering it as a free download on a dark web forum. The post, observed on June 29, 2026 and reported by Dark Web Informer, includes a sample, a table schema, and a download link for a 1.59GB SQLite file said to contain Brazil's core national identifiers paired with full names, addresses, and biometric references. The claim remains unverified, and DETRAN SP has not publicly addressed it.

What Happened

On June 29, 2026, an actor operating as pl4t0v posted to a dark web forum claiming to release the full DETRAN SP database for free. According to the listing, the dataset spans roughly 13 million records totaling 1.59GB, delivered as a SQLite (.db) file. The actor provided a sample of records, the underlying table schema, and a direct download link, framing the release explicitly as a free leak rather than a sale.

Two redacted screenshot previews accompanied the post. As of publication, the authenticity and full scope of the data have not been independently confirmed, and DETRAN SP has issued no public statement. Given the scale and sensitivity of the records, this would warrant urgent attention from Brazilian authorities, including the ANPD, the national data-protection authority.

What Was Taken

The actor claims the leak contains approximately 13 million records combining a comprehensive set of personal identifiers. Reported fields include:

This combination is significant because it pairs Brazil's permanent national identifiers, the CPF and RG, with the supporting personal details, parents' names, dates of birth, and addresses, that are routinely used to verify identity. The presence of references to ID photos and biometric collection raises the stakes considerably, since biometric data and national ID numbers cannot be reset or reissued the way a password or payment card can.

Why It Matters

This is a critical exposure because it concerns Brazil's core national identifiers at massive scale. The specific blend of full name, CPF, RG, date of birth, parents' names, and full address is precisely the data set used in Brazil to open bank accounts, obtain credit and loans, and pass identity-verification checks. In the wrong hands, it enables large-scale identity theft, financial fraud, and account takeover.

Beyond direct fraud, verified personal details allow attackers to craft highly convincing phishing and impersonation campaigns that are difficult for victims to distinguish from legitimate contact. Because the dataset is reportedly free to download rather than sold, any exposure may already be spreading widely across forums and channels, multiplying the number of potential abusers and making containment effectively impossible. For a government identity authority, a breach of this nature also erodes public trust in the systems citizens are compelled to use.

The Attack Technique

The forum post does not disclose how the data was obtained, and no intrusion vector has been confirmed. The actor describes only the result, a complete database extract, not the method. The data being distributed as a single SQLite (.db) file is consistent with a wholesale database export, which can result from compromised credentials, exposed or misconfigured database services, vulnerable web applications, or third-party and supply-chain access rather than a direct breach of DETRAN SP itself. Until DETRAN SP or investigators confirm the source, attribution of technique remains speculative, and the leak's authenticity itself is still unverified.

What Organizations Should Do

Sources: Brazilian DETRAN SP Database of 13 Million Records Allegedly Leaked for Free