AA members not unreasonably complied when they received an email warning them to change their passwords … but the AA’s servers couldn’t cope

https://nakedsecurity.sophos.com/2017/06/29/who-was-to-blame-for-what-looked-like-a-ddos-attack-on-the-aa-that-would-be-the-aa/