After running mysql_secure_installation on an existing mysql instance, we found out that existing users had disappeared completely. These were not anonymous users or root users who could login remotely. These were named users that had a password, and who were allowed to logon remotely but only to certain databases.
The only possible contribution to them disappearing I could think of, was the fact that their passwords did not meet the newly configured password security rules. However, dropping the users for this reason without any warning seems an unlikely way of doing things. II could not find any documentation or blog or post or anything that mentioned this behaviour either.
Did running mysql_secure_installation indeed delete the users, and if so, why? Or is there any other reason why these users disappeared out of nowhere?
MySQL version is 5.7.23 running on Debian GNU/Linux 9.