Anybody affected? Sounds like the greatest danger is if you use the same password for multiple web sites. Mrs WD was using the same password on her FitBit and some other web site. For some reason Cloudsream isn't releasing a comprehensive list of affected web sites. I use unique passwords for all of my financial accounts and common passwords for classes of web sites (ie. all my antique truck related websites have the same password, all of my Volt related websites have the same password, etc). I've changed a ton of passwords, probably unnecessarily.
https://www.lifehacker.com.au/2017/02/cloudbleed-here-is-a-list-of-websites-confirmed-to-have-been-affected-by-cloudfare-bug/