>>>Good chance of finding one user/pwd combo employing dictionary attack plus perhaps some site specific info and crafting specialized try outs for currently unknown target site pwd (common dictionary result plus DB-site specific info) IMO...
>
>That may be the case, but it's not what happened in real life where expedience/carelessness by "the guards themselves" causes the most breaches. Criminal hacking caused less than 2%. The guards often prefer to focus on the 2% when in fact they need a mirror. ;-)

Last sentence sounds plausible ;-)
How trustworthy / complete (from a statistical sampling POV, as in "not skewed") do you believe your base info to be?
Often data breaches are not talked about in the open unless it is mandated by law to protect the customers whose info was breached.
Any links of compiled data or something you personally follow and (gu)es(s)timate yourself?
While looking at latest breaches will give you probably better protection than my theorizing, quite a few things I found roboting with IE3-6 last millenium were later used as attack vectors, so I try to keep my danger radar in tune ;-)