4.3M Centauro Records
A threat actor calling themselves “Jenk” claims to be selling a 4.3 million‑record database from Centauro Rent a Car — full IDs, tax numbers and driver’s licenses included — a raw data trove that would be toxic for SIU teams and identity checks. The leak underscores how third‑party consumer datasets can create rapid fraud and verification headaches for insurers and claims workflows. (x.com)
The claim surfaced on the X account HackManac, which posted a proof sample and named an actor using the handle “Jenk.” (hackmanac.com) Centauro notified customers of a “partial unauthorized access” via a web service that it detected on December 18, 2025, according to a company email reproduced in a technical write‑up dated January 2, 2026. (blog.furnari.cloud) The Spanish consumer group FACUA has formally asked the Spanish Data Protection Agency (AEPD) to open an investigation into Centauro over the security incident. (facua.org) Independent monitors and reporting outlets say a sample was posted to dark‑web forums to substantiate the actor’s claim, and the dossier was circulated on underground marketplaces in the days after the announcement. (apd.cat) Centauro operates from a head office in Benidorm/Alicante and runs rental locations across Spain and Portugal, placing most affected customers inside EU data‑protection jurisdiction. (crunchbase.com) Early coverage and incident analyses appeared within days of the disclosure, with cybersecurity blogs and dark‑web trackers publishing technical summaries and sample screenshots to corroborate the actor’s statements. (dailydarkweb.net)
