Hi, since several days I'm experiencing the same issue.
Earlier this week I couldn't login anymore to the site and apparently this was caused by the fact that all usernames were reset to "admin" and also all passwords were changed.
I fixed it by manually updating the database with the correct information, but now, 2 days later, the same thing happened.
I have several security related plugins enabled on my site (Bulletproof security, Better WP Security, Block Bad Queries, Antivirus, Semisecure Login Reimagined) and none of them detected/reported any suspicious activity.
Also Sucuri.net sitecheck says the site is clean.
And I can't find any suspicious activity in the apache access logs and I can't find any suspicious files on the filesystem either.
Were you able to solve this issue, yans_fied ?