If you use website's such as facebook, gmail, instagram, or yahoo just to name a few your senstive information including username and passwords COULD HAVE (key word) been exposed over the past two years due to a vuluneribily in the encryption these websites were using. It's recommended that if you have a password on any of these websites that you change your passwords on them. While it doesn't look like most major bank or brokarage firm was affected (the exception being USAA) if you used the same password or something similar on an affected website and say your online bank change the password there as well and any where else you may have used that same password. In fact it's recommended that everyone change their passwords every 6 months....but I know no one actually does that and I bet most people who read this has never changed their password once they setup their account. So take this opportunity now and change your passwords.
Here's a list of known affected websites: