I have noticed several accusations that they have not asked me for any loan but they have not changed their password. Unfortunately, I have accepted one of them. I am worried about the access of those accounts without changing the password. How is the hacker processing like this?
Maybe someone else in their surrounding had access to their accounts, so there was no need to rest password and take full ownership of account.
Weak passwords are easy to crack but in most times users made mistake with sharing password, or keeping browser opened with logged in account.
I looked at examples you posted and I would not fully trust what those members are saying.