The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability to respond to it in a timely fashion
They had this plan in place since earlier. They rolled it first to critical python libraries [1]. They even had agreement with google to provide free hardware security keys for free for those developers [2]
[1] https://www.malwarebytes.com/blog/news/2022/07/pypi-starts-r... [2] https://pypi.org/security-key-giveaway/