It is probably a safe bet if you changed all of your online account passwords right now if you haven’t done so today already. There’s a huge security computer bug in OpenSSL, a popular data encryption standard, called Heartbleed which has gone undetected for two years. The bug allows hackers the ability to extract very important data from the online services we assume are mostly secure and that we use every day.
OpenSSL works by encrypting your data, or making it so that the stuff being sent from one computer to another looks like complete nonsense to anyone but the intended recipient. The heartbeat happens when one computer occasional checks to see that there is still a computer at the other end of the secure connection by asking for a response. Heartbleed takes advantage of this but mimicking the heartbeat in order to trick your computer and steal all your data.
What makes the Heartbleed bug so concerning is that it is not so much of an easy fix, and it doesn’t leave a trace. Hackers have access to past and present online transactions, emails and what have you. Sights such as Google, Facebook, Yahoo, Tumblr, Instagram, Pinterest, Dropbox, Soundcloud and GoDaddy have been affected and, frankly, didn’t have a clue about it until just recently.
If you want to see if your favorite sites have been compromised you can check CNet, which has a constantly updating list of popular sites being patched. You can also look at the Heartbleed test and LastPass Heartbleed checker to check up on Heartbleed.
And in addition to changing all of your passwords, you should also clear out all your Web browsers' history, cache and cookies, avoid email scams that offer quick fixes, and check your bank account and credit-card statements just in case.