All these places store passwords as salted hashes. Always a good idea to change your password in these cases but I really doubt they just got a list of plane text usernames and passwords. Typically they target a few key accounts and bruteforce the hash.