Check with the documentation of your hosting plan, you may need to read, at least, Apache and MySQL logs so you can understand what happened, if you have access to the root you can find these files into /var/log. And change passwords as soon as you can.
It's good practice to change them once in a while, so the decision is up to you, but the MySQL was published, so I suggest to change at least that.
Usually defacements are possible if the scripts don't sanitize $_GET, $_POST, $_REQUEST and $_COOKIE data. Read this guide, will help to enhance security in your website: http://phpsec.org/projects/guide/
I don't have a CPanel to test, but you may want to check into MySQL and Activity Log.