What Happened
Threat actors on a dark web forum in early 2026 claimed to have breached CheckCarro, a Brazil‑based vehicle history lookup service, and were offering a database allegedly linked to the platform for sale or distribution. Available intelligence reports describe this as a “fresh database” tied to CheckCarro but note that the authenticity and scope of the data have not been independently verified, and no formal incident disclosure by the company or regulators has been located. As of current reporting, public sources do not provide confirmed details on the exact date of compromise, types of data exposed (such as customer PII, vehicle/VIN data, or credentials), or the number of affected records, only that a CheckCarro‑related dataset is being circulated by a threat actor and treated cautiously pending validation.
