It wasn't a root certificate that was compromised, was it? Unless you consider the breach at Comodo to be a compromise, in which case, axe Comodo's certs (and suffer 10000 SSL cert warning dialogs).