Unless you have been living under a rock for the last week and a half, you have probably heard about Heartbleed. In case you don’t know what Heartbleed is, it is not a virus or attack like many people think it is. Heartbleed is essentially a bug that was discovered that took advantage of the way data is stored in computer memory. It allowed anyone to collect strings of information, which can include security information like usernames, passwords, security questions, even traffic data. XKCD has a great comic visualizing how the Heartbleed bug works.
Why this is a serious problem?
There have been many bugs and viruses that make national headlines over the years. Heartbleed is so significant because it affects OpenSSL which about two-thirds of the internet runs on. This means that almost ten thousands sites were compromised, including large sites like Yahoo. If you used a site that had this compromise, anyone could have gained access to your personal information. Mobile apps have also been affected as well.
If you find out that your favorite site is at risk, changing your password immediately might not be enough. Until the website patches the problem, your new password will also be at risk. While a patch has been made available, the security gap was open for almost two years. Mashable has a list of sites that you will want to change your password for right now.
Overall, Heartbleed was a significant security hole. In fact, it was probably the largest internet security lapse so far. It was very widespread and it is likely that almost everybody had some account linked to a compromised site. This is why it is imperative that you change your passwords on all affected sites after they patched their server.