Over 180 Million Emails And Passwords Leaked Online: Experts Warn Of Mass Attack With Malware Targeting Gmail And Outlook; Check If You Were Affected

183 Million Accounts Are Circulating Since April And Involve Providers Like Gmail, Outlook, And Yahoo; Find Out If Your Email Was Compromised And What To Do Immediately

One of the largest data leaks in history has just been confirmed by cybersecurity experts. More than 183 million email addresses and passwords have been exposed on the internet in a massive attack targeting users of Gmail, Outlook, Yahoo, and other popular providers.
According to the portal CNN Brasil, the information was revealed by expert Troy Hunt, creator of the Have I Been Pwned portal, a global reference in checking digital leaks.

According to Hunt, the mega leak occurred in April 2025, but the data was only added to the portal’s database this week. The survey was conducted in partnership with Synthient, a digital security platform that works on identifying and mitigating cyber threats.

Silent Malware: How The Attack Exposed Millions Of Passwords

According to experts, the attack was carried out through a malware, a malicious software developed to collect confidential user information.
This type of program is designed to infiltrate devices and automatically send data like email addresses, passwords, and registered websites to hackers.

Although the attack was surprising in scale, more than 90% of the compromised addresses had already appeared in previous leaks. This indicates that many of the data had been circulating for years, but were now consolidated and released again, increasing the risk of new attempted scams.

The expert highlighted that most users do not realize when they are targeted by this type of attack, as the malware operates invisibly and, in many cases, is only detected by more advanced security tools.

How To Know If Your Email Was Affected By The Leak

One of the safest ways to confirm if your account has been exposed is by visiting the Have I Been Pwned website, created by Troy Hunt.
Simply type your email in the search bar and the portal will show how many leaks have involved your address and on which platforms the data was compromised.

In addition, the system lists the years in which the incidents occurred and indicates which information was leaked, allowing users to have a complete history of the breaches that could have affected their digital security.

The information was reinforced by international technology and cybersecurity portals, which warn about the increase in visits to the site since the release of the new batch of data.
According to experts, the number of daily accesses to the platform has doubled in the past 48 hours, highlighting the widespread panic among email users.

What To Do If Your Information Was Leaked

If your email is among the affected, the first recommended action is to immediately change your password — for both your main email and all associated accounts.
Experts suggest using strong passwords, with uppercase and lowercase letters, numbers, and special characters. Avoid reusing them across different services.

Another essential measure is to enable two-factor authentication, a feature that adds an extra layer of protection. This authentication requires a confirmation code sent by SMS or generated by an app, making unauthorized access difficult even if the main password is discovered.

It is also important to be alert for phishing attempts, fake messages, or suspicious links sent via email. Hackers often exploit the fear caused by mega leaks to carry out scams and capture even more personal information.

Finally, keeping an updated antivirus and a reliable password manager are practices that can significantly reduce the risks of future intrusions.

Practical List Of What To Do After A Data Leak

1. Change your passwords immediately, starting with your main email.
2. Use unique and complex passwords for each account (mix letters, numbers, and symbols).
3. Enable two-factor authentication (2FA) on all services that offer this feature.
4. Check if your email has been exposed on sites like Have I Been Pwned.
5. Monitor your bank accounts and social media for suspicious access.
6. Beware of messages asking for personal data or promising to resolve issues quickly.
7. Update your antivirus and operating system, ensuring that known vulnerabilities are fixed.
8. Avoid reusing the same password across different websites and applications.
9. Use a password manager to store credentials securely.
10. Consider enabling login alerts (via email or SMS) to detect unauthorized access attempts.

The Importance Of Prevention In An Increasingly Digital World

The case reinforces an old warning from the cybersecurity community: no system is 100% immune.
With the advancement of data collection technologies and the integration of different platforms, each reused password or each click on a dubious link represents an open door to attacks.
For this reason, experts emphasize that the best defense is prevention, combined with responsible digital habits and constant security updates.

The megaleak of 183 million emails exposes not only the fragility of systems but also the urgency of a digital education focused on protecting personal data.
In an increasingly connected scenario, understanding how attacks work and how to protect against them is a matter of national and individual security.

Source: information compiled from CNN Brasil, Have I Been Pwned, and public statements from Troy Hunt and Synthient Security Platform.

Inscreva-se

Entre com

Entrar

Eu concordo em criar minha conta

Quando você faz login pela primeira vez usando um botão de Login Social, coletamos informações de perfil público de sua conta compartilhadas pelo provedor de Login Social, com base em suas configurações de privacidade. Também obtemos seu endereço de e-mail para criar automaticamente uma conta para você em nosso site. Depois que sua conta for criada, você estará conectado a esta conta.

Não concordoConcordo

Notificar de

novos comentários de acompanhamento novas respostas aos meus comentários

Label

Nome*

Email*

Salvar meus dados para a próxima vez que eu comentar

Salvar meu nome, e-mail e site nos cookies deste navegador para a próxima vez que eu comentar.

ONESIGNAL ID

ONESIGNAL ID

Eu concordo em criar minha conta

Quando você faz login pela primeira vez usando um botão de Login Social, coletamos informações de perfil público de sua conta compartilhadas pelo provedor de Login Social, com base em suas configurações de privacidade. Também obtemos seu endereço de e-mail para criar automaticamente uma conta para você em nosso site. Depois que sua conta for criada, você estará conectado a esta conta.

Não concordoConcordo

Label

Nome*

Email*

Salvar meus dados para a próxima vez que eu comentar

Salvar meu nome, e-mail e site nos cookies deste navegador para a próxima vez que eu comentar.

ONESIGNAL ID

ONESIGNAL ID

0 Comentários

Mais recente

Mais antigos Mais votado

Feedbacks

Visualizar todos comentários