All Zoho servers are patched, and your data is safe.
Soon after the information about this vulnerability became known, we started patching all our servers using the newer, protected versions of OpenSSL. This operation was completed in a few hours after the news broke out. We renewed our SSL certificates too. So, we are no longer vulnerable.
As of now, we have no indication that the vulnerability has been exploited against any of the Zoho applications. However, we would like you to follow these safeguards.
1. Change your Zoho account passwords immediately.
2. To be doubly safe, enable Two Factor Authentication (TFA) for your accounts.
We will update this post, as and when we have more new info about the vulnerability.