If the previous breaches are of any indication, it's that users don't give a shit - many major websites have leaked passwords (https://haveibeenpwned.com/PwnedWebsites) and they're still alive and kicking; for the ones that have gone down the drain (Yahoo!) it was more because the service itself faded into irrelevance.
Based on that I'd say it would be pretty safe to disclose a breach and reset all passwords; if your service is relevant your users will stay with you, and if not then not disclosing a breach will only buy you time before the inevitable happens anyway.
I suspect by "Losing active users", GP meant losing people who get confused or stuck throughout the password reset phase. Twitter is used by a lot of computer novices.
Twitter did disclose this, through email and on first login. Anyone they'd lose because of the breach is long gone and I also think it's probably next to nobody.
Based on that I'd say it would be pretty safe to disclose a breach and reset all passwords; if your service is relevant your users will stay with you, and if not then not disclosing a breach will only buy you time before the inevitable happens anyway.