in reply to Re^2: Emailing Passwords? In 2020?
in thread Emailing Passwords? In 2020?
I don't think that's the original reason. It's more that email is an insecure medium in general. SMTP, POP3, IMAP, etc. don't always use encrypted connections. It's becoming more common to encrypt them for the first hop and last hop, but end users have no control over the security of their message as it travels server-to-server. A man in the middle can easily inspect or even alter the contents of the message.
Sending passwords by email also has a worrying implication — it means that the site knows what your password is. Passwords should be hashed. A website shouldn't be able to send you your original password because it shouldn't know what your original password even is. Unix got rid of plain text passwords in 1973; this has been a well-known security principle for longer than many of us have been alive, so there's really no excuse for still making this mistake.
(PS: for what it's worth, I don't think AnomalousMonk was disagreeing with you, just pointing out that "email XYZ via email" is a tautology.)
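An added example, not part of the post above: a sketch of what hashed storage looks like in practice, where the site keeps only a salted scrypt hash and a forgotten password is handled with a short-lived, single-use reset token rather than by mailing the password. The function names, the in-memory dictionaries, the scrypt cost parameters and the 15-minute lifetime are all assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
import time

# Constructed in-memory stand-ins for database tables (hypothetical names).
USERS = {}          # username -> {"salt": bytes, "hash": bytes}
RESET_TOKENS = {}   # sha256(token) -> (username, expiry timestamp)

# Assumed cost parameters; tune for your hardware.
SCRYPT = dict(n=2**14, r=8, p=1, maxmem=2**26, dklen=32)
TOKEN_TTL = 15 * 60  # assumed token lifetime in seconds

def _derive(password, salt):
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, **SCRYPT)

def set_password(username, password):
    # Only the random salt and the derived hash are stored, never the password.
    salt = secrets.token_bytes(16)
    USERS[username] = {"salt": salt, "hash": _derive(password, salt)}

def check_password(username, password):
    rec = USERS.get(username)
    if rec is None:
        return False
    # Constant-time comparison of the stored and recomputed hashes.
    return hmac.compare_digest(rec["hash"], _derive(password, rec["salt"]))

def start_reset(username, now=None):
    """Return the one-time token to put in the email, or None for unknown users."""
    if username not in USERS:
        return None
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    # Store only a hash of the token, so a database leak does not expose live tokens.
    RESET_TOKENS[hashlib.sha256(token.encode()).digest()] = (username, now + TOKEN_TTL)
    return token

def finish_reset(token, new_password, now=None):
    now = time.time() if now is None else now
    # pop() makes the token single-use even if the reset then fails.
    entry = RESET_TOKENS.pop(hashlib.sha256(token.encode()).digest(), None)
    if entry is None or now > entry[1]:
        return False
    set_password(entry[0], new_password)
    return True
```

A reset token that crosses the same unencrypted hops is still exposed in transit, but it expires, works once, and reveals nothing about the password the user chose.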