I remember there was a game server where attackers introduced a Trojan and it caught passwords when changing them right on the server. After that, the attackers began to sound the alarm on the forum for the game and by word of mouth. Everyone who changed their passwords lost their accounts. Before the shop was closed, many lost their game values, and then the admins returned not everything and not everyone.
Of course, this is not your case. I just remembered the topic.
And on the topic of the question, the answer is: read carefully and do not be lazy to think before any action. There is never a need to rush, much less panic or sound the alarm. Carefully hover your mouse over the link and make sure that the address there is the same as in your screenshot. If the link leads exactly to reg.ru, then I see no reason for concern. As a last resort, you can check the sender's ip and the path of the letter (because the return address is not an indicator). Well, for 99.99% reliability, it’s better to never follow links from emails at all, if you haven’t initiated these emails for the next 5 minutes on the official website, like “I forgot my password, send me a new one.”

For starters, it's worth looking at:
- the original text of the letter - whether it really came from reg.ru. You can also contact the support - was the incident really registered
- the log of logins to the account, if one is being conducted - was it really knocked
If the support confirms, if the letter is true from reg.ru - well, it's probably worth changing the password ... If it's on # foolish duplicity - score :)