*UPDATE*
You may be aware of this by now, but if not some info about heartbleed. It does impact dropbox, yahoo (and all of its services), soundcloud and many, many other sites. Google was vulnerable but fixed it as others (including Facebook) have. It does not seem that the banking sites were hit (yet), but it might be a good time to change all of your passwords.
This is a short list – a longer list is at github.
Longer list from user contributions:
Tool to check:
https://lastpass.com/heartbleed/
https://lastpass.com/heartbleed/
and more info about it
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160
Should you update your passwords? Maybe.
http://www.dailymail.co.uk/sciencetech/article-2601379/Will-changing-password-really-protect-Heartbleed-Experts-warn-solution-not-simple-thought.html
and a little perspective:
http://www.nytimes.com/2014/04/10/technology/users-stark-reminder-as-web-grows-it-grows-less-secure.html
I would advocate for changing now and changing later.