A newly identified bug named the Heartbleed Bug has made nearly 70% of all websites on the Internet insecure — over 600 million, to put this in context.
The Heart bleed Bug makes the secret “keys” that encrypt your online data vulnerable to theft. An attacker can easily steal your usernames and passwords, instant messages, emails, business documents and communication from servers with this vulnerability.
Neither you, nor the people who provide you with your online services will even know if there has been an attack, so the only prevention is changing your passwords on critical online services. We would recommend doing 2 rounds of password changes 2 weeks apart, over the coming month to reduce the risk of a previously intercepted password being used in future.