Internet security teams have discovered a major bug that has exposed millions of passwords, credit card numbers and other sensitive information to computer hackers, and the bug has gone undetected for more than two years, the Associated Press reports.
The “Heartbleed” bug makes it possible for hackers to retrieve code from websites and other online services that would give them access to that information. The bug affects services that use the widely popular OpenSSL security library
It is estimated that over 66% of the web uses OpenSSL, so a good portion of the web may be vulnerable. You can test certain sites using the tool found at: http://filippo.io/Heartbleed/
While the above tool won’t answer whether a site was previously vulnerable at any point in the past. You can find a list of possibly affected sites here, but check their respective blogs for any recent updates—and keep in mind they may have been vulnerable sometime in the past two years (Google and Facebook, for example, are not listed as currently vulnerable, but have yet to issue any official statements).