Heartbleed affects OpenSSL, a security software library used at Web sites around the world.
As a result, many popular Web servers and services have been affected - amazon.com, yahoo.com, and many other popular sites. As the researchers at CODENOMICON said in their announcement, "Your popular social site, your company's site, commerce site, hobby site, site you install software from or even sites rub by your government might be using vulnerable OpenSSL."
Although there is a little evidence that the Heartbleed vulnerability has been used to steal passwords from affected sites, because this bug has existed for two years before the CODENOMICON announcement, we advise you to be careful about what sites you visit.
The University also recommends that you follow the procedure outlined below to change the passwords you use at Web sites where you have email accounts, shop, make financial transactions, or have confidentiail informaion stored.