A bit of stats on last.fm leak:
1) It happened a WHILE ago. 2010/2011
2) 17.3 million raw-md5
3) 16.4 million cracked. 95% cracked.
see http://news.ycombinator.com/item?id=4083339
That's ignoring all the resources that offer access to precomputed hashes (I don't want to call a list of MD5 hashes a rainbow table).
Easy or not, passwords saved with this scheme are unprotected.
A bit of stats on last.fm leak:
1) It happened a WHILE ago. 2010/2011
2) 17.3 million raw-md5
3) 16.4 million cracked. 95% cracked.