Grinding to a Halt
So, as I understand it, after worries about (circa) 1,000 GWR online customers having the passwords compromised (seemingly on another website or websites where the same passwords were used as on GWR's website), GWR have now cancelled the passwords of all (circa one million) of their website registered users. That includes deregistering those fairly wise persons who use strongish and different password for every website (or other thingy) that they are registered with - and hence were not compromised in the way feared by GWR.
If every website is going to have all their registrants deregistered every time a few of their unwise users get their (easily guessable or multiply used) passwords hacked, the modern world is going to grind to a halt.
Best regards