Automattic has reported that there was a recent security incident which could have potentially made account passwords visible. If you have a WordPress.com account it is highly recommend that you update your password.
NOTE: This does not affect self hosted WordPress sites, but it is still a good idea to update passwords from time-to-time.