Based on the WMF update of 16 November, https://lists.wikimedia.org/pipermail/wikitech-l/2016-November/087008.html, it makes sense for all administrator accounts to change their passwords and be strongly encouraged to adopt two-factor authentication (2FA).
This is a request to create a maintained list on Meta of all Wikimedia accounts with sysop rights, showing which have adopted 2FA and which accounts have not changed their passwords since 11th November, this being the date of the first identified OurMine related compromised account. The act of publishing this list will help the community contact administrator accounts that remain at risk of getting misused, and for the community to have a discussion of future options, such as forcing password changes on dormant administrator accounts.