Not new. Not even remotely new.
This is as it has been for as long as I have been using Thinkpads, and long before Lenovo bought the brand from IBM.
Having bought password protected S/H Thinkpads, and tried many of the 'home-brew' methods of unlocking them, I would say that many of the methods just don't work unless you have a high degree of skill, perseverance, and possibly several Thinkpads to work on.
For many older Thinkpads, what is really needed is a new serial EEPRAM chip soldered onto the motherboard, and then re-programmed with the Model and Serial number and the UUID. This is beyond even reasonably skilled electronics amateurs, really needing a magnified soldering station. It can be done by eye with a needle-nosed soldering iron and a steady hand, but you are more likely to damage the board than not (de-soldering high contact density surface mount chips is not easy in my experience). And IBM/Lenovo never made the software for setting the VPD available.
The newer ones, with TPM Security Chips fitted require both the EEPRAM and the Security Chip reset. This requires specialist knowledge which AFAIK is not in the public domain.
Companies deploying Thinkpads should set and securely record the master password themselves, and only let the users change the hard-disk and boot password. That way, the company IT department can rescue a Thinkpad before it is destined for the scrap-heap or a large repair bill.
The whole reason why this is the case is because Thinkpads are designed from the ground up to be good business laptops. This includes good security. I really don't think that you really want an easy way to break into a laptop containing YOUR sensitive data.
Lenovo is just applying the "Your lack of planning does not make it my emergency" principal.