Breached databases are floating around in dark web. I have not used USAJobs for over 10 years and I haven't used the same password on other sites. It more likely they have more but I'm not too concerned as my passwords are all different. Most financial, social, email and other sites now requires 2FA or email notification from unknown sources.
To be on the safe side, might be good idea to go ahead and change the passwords.