April 3rd 2014
What's the issue?
A vulnerability identified as Heartbleed has been discovered in many online “secure” cloud services and websites that you may connect to. You should be aware that some of your information and passwords may have been (and may still be) vulnerable in transmission. This vulnerability is widely thought to have affected the majority of secure services available on the Internet.
What's the impact on my business and personal information?
Assume your passwords on all secure websites, email, and cloud services have been compromised.
What do I do?
Update 4/11/2014: CNET is keeping a useful list of safe/unsafe sites up to date real time.
Update 4/10/2014: Change your email passwords (after confirming whether your email service provider fixed the problem.)
Change your passwords on all secure (https://) sites you have a login and password for, [Update 4/9/2014] only after the website in question has been patched. To test a specific site to ensure they have patched their system, use this tool: http://filippo.io/Heartbleed/ [Update 4/10/2014]: or check this list.
Service providers have had a four day window before yesterday's announcement to fix the security hole, and most have. Some haven't. Test your banking site, your industry portals, and your online email. But in all cases, change your password as the site may have been compromised prior to the patch.
Does it affect my NPC system?
No. The information on your NPC systems are protected and safe. All NPC online services have been tested and are safe. The issue for you is that due to the Heartbleed vulnerability, information that you transferred to and from secure sites (sites that start with https://) may have been compromised, including your passwords to those sites.