Updating previous statements, Picturepark confirms that its Picturepark Cloud had been vulnerable for Heartbleed by use of OpenSSL on load-balancer appliances.
Picturepark took immediate action and updated these appliances the moment new firmware became available on April 9, and additionally re-issued new SSL certificates at the same time. Although it is unlikely that Picturepark had become target of cyber criminals, we strongly advise all users to change their passwords as a precaution.
More information on Heartbleed, which affected an estimated two-thirds of all SSL-protected sites, including Amazon Web Services and Google, can be found here.