June 2025 Highlights
LinkedIn Password Leak
In early June, a cyberattack led to the leak of 6.5 million LinkedIn user passwords, which appeared on a dark web forum. Users who reuse passwords across platforms are especially vulnerable to credential stuffing attacks stemming from this breach.
Massive Credential Exposure: 16 Billion Credentials Leaked
Between June 18 and 19, security researchers uncovered a staggering data leak involving over 16 billion credentials harvested from malware-infected devices. The compromised data spans major platforms including Apple, Facebook, Google, and GitHub, emphasizing the scale and scope of modern cybercrime.
Kettering Health Ransomware Attack
The Interlock ransomware gang struck Kettering Health on June 6, impacting 14 hospitals and disrupting phone systems, electronic health records, and critical services. This attack caused procedure cancellations and ambulance diversions, highlighting the devastating effects ransomware can have on healthcare providers.
Optima Tax Relief Breach
On June 9, Optima Tax Relief suffered a double-extortion Chaos ransomware attack that resulted in the theft and leak of 69 GB of sensitive tax documents and corporate data.
Sensata Technologies Data Theft
Also in June, Sensata Technologies fell victim to a ransomware gang that stole personal data, raising concerns about data security in industrial technology firms.
July 2025 Highlights
Louis Vuitton UK Data Theft
On July 2, Louis Vuitton confirmed a cyberattack targeting its UK operations, resulting in customer data theft that included names, contact details, and purchase history. While financial information was not compromised, customers were advised to remain vigilant against phishing and fraud attempts.
Qantas Airlines Data Breach
Disclosed in early July but occurring in late June, a cyberattack on a third-party call center system used by Qantas exposed personal details of up to 5.7 million customers. Exposed data included names, email addresses, phone numbers, and birth dates, though credit card and passport details were unaffected.
Columbia University Data Breach
A cyberattack caused a system-wide outage at Columbia University and led to the breach of personal data for applicants from 2019 to 2024. Approximately 460 GB of data, including 1.8 million Social Security numbers, were stolen, marking one of the largest educational data breaches in recent history.
Horizon Healthcare RCM Data Breach
In July, Horizon Healthcare RCM disclosed that a computer virus had blocked access to network files, exposing sensitive personal information of over 77,000 individuals, including Social Security numbers, birth dates, and financial data.
Ransomware Hits Multiple Healthcare Organizations
July also saw seven healthcare organizations added to ransomware gangs’ data leak sites, indicating a wave of attacks targeting this critical sector. While the full extent of data loss remains unknown, these incidents emphasize the ongoing risk ransomware poses to healthcare providers.
Final Thoughts
The incidents of June and July 2025 highlight persistent challenges in cybersecurity—from credential theft and ransomware to third-party vulnerabilities. Organizations across industries must remain vigilant by:
- Implementing strong password hygiene and multi-factor authentication (MFA).
- Conducting regular security audits and penetration testing.
- Ensuring robust backup and incident response plans.
- Monitoring third-party and vendor risk continuously.
At Breachfin, we specialize in helping businesses identify weaknesses, respond effectively to incidents, and build resilient security postures. If you want to safeguard your organization against the evolving threat landscape, contact us for a comprehensive cybersecurity assessment.
Stay safe and stay informed.
— The Breachfin Team
