The cynicism is that he assumes the host has poor intentions. Sure, the OP could store the passwords in hope that some people may be stupid enough to use the same username and password on their BLF account and on their blocklandsaves account, but I'm almost 100% positive that the OP had no such intention and just failed to hash the data before sending it.
Regardless of opinion on OP's intentions, I definitely think Kalphiter went about confronting the OP the wrong way. A PM explaining what the OP should do would have sufficed. If the OP ignored the message or failed to fix it, then Kalphiter could go about instilling doubt and fear into potential users of the service. There's no reason to assume the OP did this intentionally.