First of all: I didn't claim that (although, yes, maybe that kind of got implied). 
But I even think this practice is useless. They just sent my password in cleartext. It sits now in my inbox and I have to delete it or I store my unprotected password. And - for what exactly? Does that serve any purpose? I just entered it a second ago.
So I question the usefulness of that approach and consider this very first contact unprofessional. YMMV and all.
1: Just tried the 'Forgot my password' dance and it they don't retrieve it at least: Received mail with link to site which sends a mail with auto-generated password to log in. A bit weird, but well..
This was the very first contact. Sending me passwords (same for 'temporary ones' after a reset. I consider that a cumbersome process whereas I consider the initial mail just plain "wrong") delivers more than just the text over this channel.
I read between the lines "Here's your password again from 2 minutes ago. File it away" which again is nothing I consider a good idea. The impression is that they write the digital form of a post-it note of the password for my monitor.
Is it a big issue in itself? Nope, probably not. But it certainly ruined the first impression for me and I'll walk away now. I shared that part because others might (or might not) agree and to potentially save like-minded people a registration.
No, but it does mean that anyone who's able to view your traffic or your mail box content could've seen the password (anyone controlling any router or a mail relay between you and them, or your mail service provider, or even someone with tcpdump on your LAN segment).
It's not helping that you give the wrong explanation. The issue here isn't that the password is recoverable, because you don't know whether that is true. It may as well be properly bcrypted. The problem is that they sent you the plaintext password you just entered via email.