tl;dr We don't know if these are plain text passwords or how secure they are even if they are hashed
The article doesn't say if the passwords are plain text or hashed but it's pretty common for dumps like this to only contain hashed passwords but that doesn't always mean they are secure because there are also databases that have the reverse so given the hashed value you can just look up what the password is.
A hash is a special kind of function that can't easily be reversed. You give it some input (PASSWORD) and the hash functions changes it (HASH) usually using some complex mathematical operations.
Let's ignore the part where you have to convert from strings to numbers and back again and just think about numbers. Say you have a function, called hash1 that takes a number, multiplies it by 6 and adds 3. Give it input 10 and the output is 63. This function can be reversed because 10 is the only input that results in 63. If I gave you the number 63 you could easily get back to 6 by subtracting 3 then dividing by 10.
If I made a similar function hash2 that multiplies by 6, adds 3 and just gives you the last digit back, you couldn't easily reverse it. For example if I said the result was 1, you wouldn't know if the original number was 3, 8, 12, 18,...
There are other things that make a suitable hash function like being fast to calculate and the output always being a fixed size even when the input size changes.
People spent a lot of effort thinking up good hash functions and over time they have improved.
As computers became faster it's easier to use big clusters of computers and people began to create the complete set of inputs and outputs of some older hash functions which were once good enough. These are often called rainbow tables. If you have a list of all inputs and outputs you can easily make an index that shows you the input (PASSWORD) for a specific output (HASH).
You can combine the password with a number called a SALT that make rainbow tables useless or at least less useful but computing clusters are so incredibly powerful these days that even when you do that it may still be possible to reverse to get the original password if you use an outdated or weak hash function - in particular if you don't use a SALT.
There is a constant battle between people making stronger hash functions and people "cracking" them. Storing passwords securely is not as easy as it seems and people do make mistakes and cut corners and think they know better. For example reddit stored plain text passwords in their database for some time after they launched.