Even if it is hashed after before storing it in the database, I still think that they should not send out the password in an email.
If your email gets hacked or is hacked, they can easily find your password(which you should not), then you have an even bigger issue.