Like i said i am willing to post an announcement but that's all that's technically possible anyway. an email blast is not possible even if i were inclined. while these things are certainly suspect they certainly don't rise to anything more than a nuisance if true. I am all for err on side of caution. it would be far easier to steal said passwords with a man in the middle as almost all email is un-encrypted. as is this site. And on top of that the amount of work to brute a tens of thousands of email accounts they would surely select a better audience. the scenario you described above would simply require some port sniffing when you log onto this site and no brute force a tall. its an encrypted connection. there are and have been countermeasures for brute force attacks on user accounts for a very long time. and this is true of most common mail hosts. So while its worth mentioning it certainly does not rise to being anything more than a nuisance.
I have corrected a typo in the above statement caught by another user here it was an unintentional and important typo.