Is anyone with the list of passwords testing it against CPAN authors with the same or similar username or registered email address to make sure the passwords get changed? It seems like it'd be a good idea to regenerate the passwords or lock the accounts of people who don't change their password and have it published.