The user posted approximately 6.5 million hashed passwords to the forum, and according to security software firm Sophos, at least have already been cracked. Thus far no usernames have been released, which either can mean that the hackers didn't manage to download them or they are keeping the usernames for themselves. Either way, that's a lot of leaked private data.

Yes and no. The passwords were all hashed using SHA-1 and so they won't be readable without the right software. Unfortunately isn't entirely foolproof so it could only be a matter of time before all 6.5 million passwords are cracked and converted into plaintext. Since we don't know whether or not the hackers have usernames as well, it's best to assume the worst and consider your account hacked.

For one thing, hackers would have control of your account and contacts. If you use the same username and password combo on other sites, then there is a risk that those accounts are now compromised as well.