Don’t change your passwords. It can expose you to higher risk than waiting. That’s the base level advice right now. Until you know that a particular website has updated their security, changing you password opens a heartbeat pingback that is exploitable.
I have recommended Lastpass as a secure way to hold your passwords. They have a terrific tool that checks all your sites and let’s you know when and when NOT to update you password. Lifehacker also gives some good advice on what this all means.