On February 23, 2017, Cloudflare, an embedded content delivery network and internet security services provider, disclosed a security vulnerability in their edge servers, which could expose information such as HTTP cookies, authentication tokens, and HTTP POST bodies. Salesforce has posted more information here.
If you have reason to believe that some of your data may have been exposed, it is highly recommended that you roll your processor API key, then update Payment Center with your new key.
Your processor should have instructions on how to roll your API key. As an example, here’s how you would do it with Stripe: https://support.stripe.com/questions/what-happens-if-my-api-key-is-compromised
Instructions on how to update Payment Center with your new API key can be found here (click on your processor and you’ll find the instructions there). As an example here’s how you would do it with Stripe.