Half a terabyte of personal records exposed from youth non-profit

Published: 25 October 2025
Last updated: 25 October 2025
Hacker stealing data from a computer
Image by Cybernews.

Attackers claim to have infiltrated Gerar, a Brazilian non-profit that provides training opportunities to youth. The breach allegedly involved sensitive details ranging from names to military service documents.

The post announcing the Gerar data breach was uploaded to a popular data leak forum often used to distribute and exchange stolen details. According to the posts’ authors, they’ve obtained a humongous data collection totaling 546GB.

Gerar is a Brazilian non-profit that aims to help young people get internships and employment. The organization connects first-time job seekers with companies. Unfortunately, their first entry to the job market may now be marked by a loss of personal details.

ADVERTISEMENT
Gerar data breach sample
Attackers' post on the data leak forum. Image by Cybernews.

We have reached out to Gerar for comment and will update the article once we receive a reply.

Meanwhile, the Cybernews research team investigated the data sample that the attackers attached to the post. The team confirmed that the leaked information appears to cover very sensitive details.

For example, the sample appears to have scanned summaries of medical checkups, including both doctors’ and patients’ names. The patients are most likely young people seeking internships with Gerar’s help.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Google News Follow us

Other datasets contained scanned ID documents, contracts between Gerar and its apprentices, contracts between educational institutions and interns, and military service document scans of Gerar interns.

One sample includes what appears to be a list from several years ago with sensitive details of Gerar apprentices. The leaked information includes:

  • Names
  • Email addresses
  • Phone numbers
  • Dates of birth
  • Taxpayer IDs
  • Addresses
  • Family income data
  • Educational data
ADVERTISEMENT

Researchers’ insights point to comprehensive data leak which creates severe identity theft risks to the individuals whose data may have been exposed.

For one, attackers can use the numerous data points to set up fraudulent accounts and apply for loans. Since most of the exposed individuals are young, identity theft could negatively impact their credit scores for decades to come.

Has my data been leaked?
Check Now

Meanwhile, medical and financial data could be utilized for phishing attacks. Attackers have more than enough data to form convincing emails that could impersonate young individuals’ schools, military units, or other organizations.

“Beyond immediate damage for the affected people, this kind of data leak could undermine trust in similar educational or work-related programs that are designed to support young people, ultimately discouraging participation in them,” the team explained.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Meta confirms: critical vulnerability in account recovery tool exposed over 20K Instagram users
UK to use AI to prepare for AI-induced employment challenges
Dark web drug vendor gets 26 years for selling fentanyl and meth
Meta escalates legal battle with Israeli spyware firm NSO over WhatsApp attacks
UK PM Starmer set to ban social media for Under-16s
OpenAI plans biggest ChatGPT overhaul ahead of listing
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked