Ethan Grammer
Guillermo Sánchez / June 28, 2025 / 2 minutes of readingRecent Breaches & Incidents
Colossal Credential Compromise: 16 Billion Accounts Exposed
Description:
Cyber News has uncovered a massive trove of nearly 16 billion login credentials (spanning Apple, Google, Facebook, Telegram, GitHub, government services, and more) compiled in about 30 recently exposed datasets. This isn’t a single corporate hack, but rather an aggregation of infostealer malware logs—data stolen from infected devices rather than breaches at major companies.
Analysts stress the datasets are recently collected and highly structured (“URL + username + password”) making them especially potent for credential stuffing, account takeovers, phishing campaigns, and identity theft. Some datasets include session cookies and tokens, enabling attackers to bypass even two-factor authentication.
Recommended Actions:
- Securely generate and store strong, unique passwords. Many managers also alert you if credentials show up in breaches.
- Enable 2FA or passkeys wherever possible.
- Watch for unusual account activity or login alerts and reset passwords immediately if something’s off.
- Avoid clicking suspicious links or downloading unknown software/apps. Infostealer malware often spreads via phishing and fake downloads.
External Links:
EpiSource Data Breach Exposes Sensitive Health Records of 5.4M+ Patients
Description:
EpiSource, a U.S.-based healthcare SaaS provider specializing in risk adjustment and medical coding, confirmed a cyber intrusion in which hackers accessed its systems from January 27 to February 6, 2025. The breach impacted approximately 5.4 million individuals, as listed in recent notifications via the U.S. Department of Health and Human Services.
Potentially compromised information includes full names, addresses, dates of birth, phone numbers and email addresses, health insurance details (plans, IDs, Medicaid/Medicare numbers), medical records data: diagnoses, treatments, test results, images, social security numbers and similar identifiers. Fortunately, no payment card or banking data appear to have been accessed.
The compromised data belongs to patients of various healthcare providers and insurers served by Episource. However, not all Episource clients were affected, and the company has not disclosed which providers were involved.
Notifications are being sent on behalf of Episource’s clients, meaning patients will not receive separate notices from their healthcare providers.
External Links: