VéTO

🇧🇷 Alleged Brazilian Federal Revenue Database Containing 248M+ Citizen Records Advertised for Sale A threat actor using the handle "BuddhaGroup" has advertised what they claim is a complete database from Brazil's Federal Revenue Service (Receita Federal). * According to the post: * Claimed scope: 248 million+ Brazilian citizens * Source claimed by seller: Receita Federal * Seller claims data was "extracted directly from official sources" * Advertisement posted in a marketplace section offering database sales * The actor claims the database includes multiple interconnected tables containing: * Individual records * CPF numbers * Full names * Dates of birth * Gender information * Mother's names * Occupation data * Contact information * Email addresses * Telephone numbers * Area codes (DDD) * Address information * Residential information * Street addresses * Neighborhoods * ZIP codes * Cities * Corporate information * CNPJ records * Company trade names * Economic activity codes (CNAE) * Capital information * Legal entity details * Corporate ownership and shareholder information * Corporate succession history * The post references several tables allegedly containing hundreds of millions of records, including citizen, address, company, telephone, and shareholder datasets. * If authentic, the advertised dataset would represent one of the largest alleged exposures of Brazilian citizen and corporate information observed on underground forums. * At the time of publication, Daily Dark Web could not independently verify: * The authenticity of the database * Whether the data originated from Receita Federal systems * Whether the information is current * Whether the records were obtained through unauthorized access * Whether the dataset consists of newly acquired or previously leaked information Analyst Note: Large-scale national identity datasets are frequently re-packaged, merged, and resold across underground communities. However, authentic CPF-linked records remain highly valuable to cybercriminals due to their utility in identity theft, financial fraud, account takeover, synthetic identity creation, and social engineering operations. Any dataset claiming nationwide citizen coverage should be treated as a high-priority intelligence event until validated. #DDW #Intelligence #DarkWeb #Brazil