QUOTE(Wikitaka @ Fri 16th March 2012, 3:43pm)
How great is the possibility of a database hack attack on WP by e.g. LulzSec, Anonymous, etc that would retrieve the full user list with passwords, etc
Very unlikely. The sysadmins can read the hashed and salted password list, but they are hashed with an up-to-date cryptographic hash function, so even they can not retrieve the plain text without quite a bit of effort expended on each.
and the "top secret" areas like CU, ArbCom, Jimbo's files, and so on?
Well, that has happened and will probably continue to happen periodically. All the sensitive email lists are distributed to many people by email, and few of them take the kind of precautions that most people named in those emails would probably prefer. Until that changes, it's probably safer to use a pseudonym for your email as well as your wiki accounts if you have anything to lose by exposure.