You seem unfamiliar with the specific case. It wasn't the user database that was compromised.
It was plainly obvious to any user of IEEE that they were storing your password in clear text. Because they would, y'know, mail it to you. And the mail would have live hyperlinks to access your account, which generally means GET requests.
Then please don't bring it up, i.e., say things like "if the user database is compromised, you can safely assume all of the site is".
And nobody every took issue with that?
Maybe they did, maybe they didn't. IEEE members are probably slightly more informed than your random AOL user. There are plenty of mail managers out there that mail you your password automatically every month.
A password leak is one of several ways in which a user database can be considered compromised. Beside the fact that every leaked user had access to every other leaked user's database record, which is a huge breach in itself, how do you know that no administrative credentials were leaked?
The user database was compromised in a major way, even if nobody got root.
It was plainly obvious to any user of IEEE that they were storing your password in clear text. Because they would, y'know, mail it to you. And the mail would have live hyperlinks to access your account, which generally means GET requests.