Thanks for sharing. This is terrifying and it's the reason releasing the email addresses is a horrible idea.
The web runs on the assumption that you have access to an email address and you'll never lose control of it. Ignoring that assumption and opening up your old users to identity theft just because you want to reissue short usernames that will again be squatted on is kind of crappy.
The web runs on the assumption that you have access to an email address and you'll never lose control of it. Ignoring that assumption and opening up your old users to identity theft just because you want to reissue short usernames that will again be squatted on is kind of crappy.