It is always good to be safe, however, even if anyone has gotten any access to the site, the passwords shouldn't be stored in plaintext, and should be encrypted. Which they most likely are.