Password on keychain has been changed without me doing anything

Hi everyone, I have a question about the apple keychain. I tried to sign into my account for my local library and when I went to use touchID for my details to be automatically filled into the sign-in area, I noticed that the password seemed to have a lot more characters than I remember putting in. I figured maybe I was mis-remembering and clicked 'sign-in' but the library's website said that I had entered the incorrect password. So, I checked what was in my keychain and sure enough, the password that had been saved there was basically a keyboard smash of random numbers, letters and symbols. There was also a notice saying that my password had been compromised in a data leak. I keep all my passwords written down in a notebook (for situations such as this) and signed back into my account on the website. I went to change my password through the keychain notice and it redirected me to a '403 Forbidden' page (see image). I'm wondering a few things:

1. have I been hacked? I do not remember changing my password and I haven't accepted any suspicious emails/text messages; I try to be pretty diligent about that kind of thing
2. Or, is this some kind of safety feature that apple has? Where if a password gets compromised they save something else so that I have to manually change my password? This seems unlikely because I know some other passwords have also been leaked but they've never been changed without my input
3. Am I safe to go ahead and change the password? I don't know a huge amount about cyber-security, but the fact that I've already interacted with the touchID to input the saved passkey & then signed in manually has already got me on edge. I know this is just an account with my local library but I get the feeling that this could be some weird man-in-the-middle attack to get me to "safely" put in new info and then gain access to further accounts.

Any advice would be greatly appreciated.