We have been working to assess the impact for our customers in the wake of the April 7th’s disclosure of CVE-2014-0160, more commonly known as Heartbleed.
Customers are not directly affected by the bug on YellowSchedule and we have never used the OpenSSL version which exhibits the problem.
But even though you would have not been exposed to the bug through us, unfortunately this issue has affected a large percentage of other online services on the internet. If you use the same password on YellowSchedule as you do for other services then we recommend you change your password. (We always recommend that your password with us is unique and not shared with any other services!)