was anyone else reading this thinking there is much more to it? Like they have been compromised perhaps.
Mainly because shutting a system down entirely seems a little overkill if they are simply saying that users passwords are being recycled. In my mind you would just update all passwords to random strong passwords and then force people to reset if it was just that. Plus have a security review, not take the whole system down (internally too).