
It's probably false that "there does not exist a customer of EC2 that has been hacked", and that should be pretty obvious. Furthermore it's false for essentially all nontrivial, large services.



But here, it's not a customer that was hacked. It was Linode that was hacked, and used to access a specific customer's data.


"We have been advised that law enforcement officials are aware of the intrusion into this customer’s systems." sounds like a customer was hacked, not Linode.


If a customer was hacked, why reset everyone's password? Unless there is something Linode is not telling us, there is no reason they should be doing this. Think about it like this: what if Google reset everyone's passwords whenever a Gmail account got compromised? Ridiculous.


Then why was my password reset?


> Out of an abundance of caution, however, we have decided to implement a Linode Manager password reset. In so doing, we have immediately expired all current passwords.

In other words, better safe than sorry.


If the compromise was a brute force, then there's no need to reset my password.

If the compromise was due to a flaw in Linode's system (potentially exposing other accounts) then a global password reset makes sense.

Can you imagine if every service you used reset everyone's passwords every time one of their users got brute forced? You'd do nothing but reset your passwords all day...


[citation needed]



