Previously I wrote a posting about creating strong passwords for your accounts. Many people use “weak” passwords that are vulnerable for hackers. This time we have an Internet security hole for websites that start with “https” in the URL. The media is telling everyone to change their passwords; however do NOT change your password until the website provider applies the patch. Once they have applied the patch then you must change your password.
This is a very serious security hole that does not affect all Internet sites that have secured logins. There are a lot of sources to find out what sites are affected. This link provides a list of sites that are impacted that have applied patches and ones that are not impacted. Here is another link about Heartbleed that claims it affects 80% of websites! Here is a link I found regarding WordPress. And here is a tool to check a website heartbleed test. As a side note, I am in the tech field but on the software side. I do not specialize in security but I hope that sharing this information is helpful.
Once you know if a site you use is impacted, do NOT use it until there is a PATCH and then
CHANGE your password to a STRONG password!