First of all, we upgraded OpenSSL on our servers so they are no longer exposed to Heartbleed. Secondly, we replaced the SSL certificates we use and revoked the old ones. These were behind-the-scenes changes and didn't affect any of our customers.
We estimate it's very unlikely that anybody's password or data was exposed. However, to be on the safe side, we recommend our customers change their passwords.
Please don't hesitate to get in touch if you have any questions.