Yes, it broke SMTP and it also broke all API access until they kinda-fixed API keys. Pretty much anything you used basic auth for at a touch point.