Password reuse is still bad, your password doesn't have to be breached through a database dump. You could be accessing a compromised site, or get caught by any number of network attacks from stripping to mixed scripting to dumping a stream that doesn't have forward secrecy. https://www.imperialviolet.org/2012/07/19/hope9talk.html
My point was, if they hash properly, a simple db dump is not a big deal (although obviously considering the password compromised is sensible, and password reuse is a bad idea which is not a proof people don't do it).
I'm signing out of this thread as my point seems to have been lost somewhere. Thanks for the interesting link though.
