This exploit has been around for about 2 years. So in the event the password was grabbed from this site now that it has been patched changing the password would prevent it's possible use in the future due to the exploit.
Also, if you use the same password on multiple sites, a bad idea) and if one of those sites has not been patched yet then the info can still be grabbed.
Ideally you should never use the same password on two accounts that matter. Whoever is in charge of security at, say, HottestCheerleadersPlusCheapMedicineFromThailand.com (not an actual site I have visited) might not know how to protect against hacks, or might even dishonestly sell its user info to hackers. They could then blindly try the combos elsewhere.
Like x 1
