As in site hacked? Yes. Change your passwords, if possible use auto generate cpanel one which gives all those LNC combo. (and note it down) if you have root access, change it as well to simialry as above and NEVER have root account password the same with any other sites/accounts. Why? because if a person can log in an account with root password there are many ways to inject files and phishing sites via it. happened to me once, I change all my account password and root password. Now they each have seperate password with "djhgh)kf:8;?>i" (auto generated) such combos.