Hm, maybe it was mistake. Some of them was DEcrypted by hacker. If you know hashed password, within 5-20 hours you can decrypt it into unencrypted one.
This is complete BS.
md5 passwords, if used in a right way, take years to decrypt.
Of course a password like 12345 can be decrypted in matter of seconds using rainbow tablets, but if this is the case, then it's a slap in the face for your to allow such passwords