Something weird is going on. I just downloaded the CSV file and my account was in there(I don't really have any bitcoins at the moment, so that's OK). But I just got a message when trying to log into GMail about 'suspicious' activity being detected on my account. My guess is that someone might have tried logging into my mail. Luckily my email password is unique, so I don't think anyone got in. I hope that other people in their DB was savvy enough not to re-use passwords.
About 1600 passwords in this database are hashed with plain md5 without salt. I found quite a lot hits (34% success rate) using a rainbow table cracker.
Password hashes are standard php crypt() ones. I'm in that DB, was able to generate the hash using the DB entry (in contains the salt for each password) and my one-time password from mtgox. One-time PWs ftw.
Apparently someone got the whole user account database of Mt.Gox
I wont publish the link to it though for obvious reasons.
Quick analysis: the database is legit, it contains user id, username, email if set, and a bcrypt hash. The hashes seem salted with a global salt.