The Heartbleed bug, as it has become known, is a weakness in the encryption protocol in OpenSSL—which can expose vast amounts of data including: account usernames and passwords, system information, and more. This bug affects Web servers running OpenSSL—and has been around since the launch of OpenSSL v1.0.1 in March 2012.
Mashable has posted a list of affected sites here: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/. Additional suggestions for password security are as follows:
- Use unique passwords for all of your accounts online.
- Use secure passwords consisting of upper and lower case letters, numbers, and special characters
- Change your passwords periodically to insure security