A massive security flaw called Heartbleed has put millions of Internet users at risk for the past two years. Some experts are calling it the most dangerous bug online. Usernames and passwords and possibly credit card information may have been intercepted on what are supposed to be secure websites.
The bug causes a vulnerability in the OpenSSL cryptographic library, which is used on servers to scramble sensitive information to protect people's privacy. Two-thirds of all websites use OpenSSL, including major banks and social network sites.