By default WordPress 5.5 includes an XML sitemap which lists the authors/users on your site. In some cases this is a security risk as it gives a hacker a username to use on the Admin Log In screen.
You may see some posts mention wp_sitemaps_register_providers this is out of date.
To disable this add the following to functions.php
add_filter(
'wp_sitemaps_add_provider',
function( $provider, $name ) {
if ( 'users' === $name ) {
return false;
}
return $provider;
},
10,
2
);