They say everything should be encrypted but are urging users to change passwords just to be safe. Their servers may be overloaded with people trying to do so because I couldn't load the reset page.
Alright guys/gals, I just received the following email from comiXology.
At least they're being relatively proactive about this and warning people before password leaks start happening. I deal with some pretty big companies (for software) on a regular basis thanks to work and they can take ages to notify people of security leaks. (Looking at you Adobe and Autodesk!) So I mean this is a good thing.
If you use comiXology and use the same password there as you do elsewhere (which you really shouldn't, but I understand if you do) then you should probably go reset yours right now even if you haven't received that email. Better safe than sorry.
EDIT: If you need to reset your password you can do so here.
EDIT 2: Everything seems to be working now. Tried it again and it went through easy peasy.