I don’t know (and don’t care) if this has been reported before or not, but whose bright idea was it to send password through email??
You’re not supposed to send password in plaintext by email! Even if they’re automatically generated! I mean you don’t even require the password to be reset upon first login. Very bad security practice.
Please, change your procedure/policy.