Re: An email...
I had a similar thought. I wonder if the spammers are already using the confusion to dupe users into providing their new credentials. Just a simple "Dear user, please reset your password again. The one you did earlier was lost by our server" email, followed by a relatively official looking login page, might trick far too many users. Never underestimate the gullibility of the user base.