Here are some articles about password sniffing and real-world systems.  Documented accounts of successful password sniff attacks do actually exist. 

(I’m not trying to pick on the OSS folks when it comes to poor password handling, but the two most recent incidents were connected with OSS systems.  In reality, OSS and non-OSS systems are equally vulnerable to password sniffing attacks.)    

Debian had a few of its servers compromised a few months back.  It looks like the attack started with a simple sniffed password. See this and this. 

The FSF Savannah project had the same attack successfully performed on them.  The article does not mention the password sniffing part, but does say that the attack was identical to the Debian attack.  Does anyone know if a sniffed password was also used in this attack? See this.

Here is a random CERT account of someone who collected passwords.  CERT claims some passwords were sniffed, but I have no idea how they would know that.

Finally, here is a random article about eBay.  There isn't any evidence that eBay customers had their passwords sniffed, though.

Although password sniffing is rare, it is still something that people should worry about.  Common sense dictates that we shouldn’t be storing or sending plaintext passwords. 

Although your chances of getting struck by lightning are pretty low, you should still get out of the water when a thunderstorm arrives.