Cybercriminals are taking the most of the data they stole, a clear example of this is what is happening with the Phorpiex botnet. They are using the exposed credentials from previous breaches to perform more sophisticated attacks. In this specific example, they have been using the exposed email and plain-text passwords for sextortion purposes. 

For that reason, it is very important to measure the risk of the exposed information properly and not only based on the freshness of it. Even if it is old in the right/wrong hands can be useful or a threat.