It gets worse... http://it.slashdot.org/story/13/11/0...ted-not-hashed
Bottom line the hacked passwords were encrypted not hashed.
Why does that matter?
Brute force attack can unencrypt the passwords giving the hackers the original password in plain text whereas a hashed password is much harder to find the original password.
If you use the same password on multiple sites then the hacker has your password for those other sites.