
Depends. If the leak or breach reveals actual passwords, then yes, you're screwed. If it reveals SHA-256 hashes, then you're screwed unless you chose a good high-entropy password (e.g. lBBo1f93XbbKs2hKa8T5pR). If it reveals PBKDF2-hashed, bcrypt- or scrypt-hashed passwords, then you're almost certainly safe, unless you chose a really poor password (e.g., the following is a Base64-encoded PBKDF2 hash, with 100,000 iterations of SHA-256 and a seed of 'QDTGEqi8to9PrkpBgCbnN0': 8h1HO6omVWhusXcQRGS0CcTzSC5AkAIvodC+hT/AoRk=; I contend that you will not be able to guess the password I used for it), since trying passwords with a good key-derivation function is so slow.
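An added example, not part of the comment above: it measures the per-guess cost of a single SHA-256 pass against PBKDF2-HMAC-SHA256 at the 100,000 iterations the comment quotes, then converts that cost into exhaustion time for password spaces of different entropy. The function names, the sample password and the salt are constructed for illustration; the 32-byte output length matches the size of the Base64 value quoted in the comment.

```python
import base64
import hashlib
import hmac
import os
import time

ITERATIONS = 100_000  # iteration count quoted in the comment


def fast_hash(password: str) -> str:
    """Unsalted single-pass SHA-256: the weak storage case."""
    return hashlib.sha256(password.encode()).hexdigest()


def kdf_hash(password: str, salt: bytes, iterations: int = ITERATIONS) -> str:
    """PBKDF2-HMAC-SHA256, 32-byte output, Base64-encoded."""
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)
    return base64.b64encode(dk).decode()


def verify(password: str, salt: bytes, stored: str, iterations: int = ITERATIONS) -> bool:
    """Constant-time comparison of a login attempt against the stored value."""
    return hmac.compare_digest(kdf_hash(password, salt, iterations), stored)


def seconds_per_guess(fn, rounds: int) -> float:
    """Average wall-clock cost of one hash evaluation on this machine."""
    start = time.perf_counter()
    for i in range(rounds):
        fn(f"candidate-{i}")
    return (time.perf_counter() - start) / rounds


def years_to_exhaust(entropy_bits: float, per_guess: float) -> float:
    """Time to try every password in a space of 2**entropy_bits candidates."""
    return (2.0 ** entropy_bits) * per_guess / (365.25 * 24 * 3600)


if __name__ == "__main__":
    salt = os.urandom(16)  # constructed salt
    stored = kdf_hash("constructed-sample-password", salt)
    print("stored:", stored, "verify ok:", verify("constructed-sample-password", salt, stored))
    fast = seconds_per_guess(fast_hash, 20_000)
    slow = seconds_per_guess(lambda p: kdf_hash(p, salt), 5)
    print(f"SHA-256: {fast:.2e} s/guess, PBKDF2: {slow:.2e} s/guess, ratio {slow / fast:,.0f}x")
    for bits in (20, 40, 131):  # weak, moderate, ~22 random alphanumeric characters
        print(bits, "bits:", f"{years_to_exhaust(bits, fast):.3g} y vs {years_to_exhaust(bits, slow):.3g} y")
```

The timings are single-core CPU figures from `hashlib`; absolute numbers differ on other hardware, and the comparison of interest is the per-guess ratio between the two schemes.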

