Instead, due to recent data dumps of old breaches of usernames and passwords from MySpace, LinkedIn, and Tumblr, the services are proactively telling some users to change their passwords just in case.
The reason: They likely used the same password that was found in the breaches of the other sites, a common problem that hackers can exploit to their advantage.
"We believe that your Netflix account credentials may have been included in a recent release of email addresses and passwords from an older breach at another company," Netflix emailed some users recently. "Just to be safe, we've reset your password as a precautionary measure."
According to journalist Brian Krebs, both Netflix and Facebook analyze major data breaches and cross-check them with their own databases. If they find password reuse (as was the case here), they might proactively reset passwords for the users.
Cybersecurity professionals strongly recommend using different passwords for different services. That's because hackers can hack one account, for example, before moving on to compromise more services. It's generally a drag to try and remember a ton of different passwords, so it's best to use a password management app to generate and remember them instead.