An admin is able to log out any user by going to their Preferences - Security tab and clicking ‘log out all’ or by selecting a specific device from this user and selecting the log out option.
I don’t think it’s a good idea (nor legal) to leak the admins IP address to the user,
but it would certainly be good if the user knew it was an admin who logged them out, or if it was someone who compromised their account.
It’s basically answering the “what happened??” question raised by the popup.