Ubisoft has issued a security update warning that usernames, email addresses, and encrypted passwords have been obtained from the company's account database. "We recently found that one of our Web sites was exploited to gain unauthorized access to some of our online systems," reads an email. "We instantly took steps to close off this access, investigate the incident and begin restoring the integrity of any compromised systems."
While it's recommended that you change your uPlay account password to be on the safe side, Ubisoft specifically points out that, thankfully, "no personal payment information is stored with Ubisoft, meaning your debit/credit card information was safe from this intrusion." As for those passwords, even with the encryption, it's possible for them to be cracked.
For more information on this security update, read over Ubisoft's FAQ.