Only a fraction of leaks is actually public and a much smaller fraction becomes public as it's happening, yet changing passwords is easy and effortless.