If I didn't read the posts on this site I would never know about a lot of things, so it was with some interest I read MacInWin's post and attached link. Certainly hard to fathom why some people and not others.
In the last 5 years I have had a couple of MBP's authorised to my iTunes account, been a part of the Beta Testing group running clones of my Mac's OSX on external HD's had a couple of iPhones, an old iPad, now an Apple watch, turned 2 Step Verification on and off numerous times, changed countries many times, I cannot count the number of times I've had to enter a verification code on one or more devices but I am still using the same Apple ID and password for everything Apple that I was 5 years ago.
So you would think that I would be a good candidate for a request to reset my password if a colorful activity record was the criteria.
There is only one thing that I don't do that others may, I don't use my Apple email address for anything other than communication between Apple and myself. I checked it today on the "Have I Been Pwned" site and no hits, whereas my gmail address has been compromised in a number of data breachs.
Is it possible that Apple have had a data breach? Given that we only find out about this stuff ages after the event who knows?