Users who haven’t changed their passwords since 2014 are highly encouraged to do so.
Source: CNet