We have not identified any suspicious attempts to access Thingiverse accounts
Well if you leaked usernames and passwords what would you consider to be a suspicious attempt?
and we encouraged the relevant Thingiverse members to update their passwords as a precautionary measure
Who would they be then?, will these members be contacted or have their passwords automatically reset?