This is a temporary issue we're currently investigating, there is nothing to panic about as we're aware already. Also, "brute-forcing" is extraordinarily difficult across Tor. If you have a 4 character password and make us of both a number, letter and special character combination, there are 12,117,361 possible combinations to try. At 5 characters this rises to 714,924,299 and 6 characters to 42,180,533,641 so you can see a brute force attack across tor on login credentials is completely infeasible - this kind of brute force attack would only work on such small combination fields if you had a file locally you want to crack or it will a bit of ciphertext not requiring interaction across a web page to conduct it.