Hi
Heartbleed is not a Virus or Trojan that infects local PCs. It is a bug in specific versions of OpenSSL. OpenSSL is used by some Web sites to protect customer data, such as passwords and other private data, as they pass over the Internet.
The vulnerability has the potential to expose user passwords among other private data.
According to the following article, a number of Web sites were affected including Facebook, YouTube, Netflix, and more:
http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/
While this does not mean passwords or data were actually stolen, it is recommended to change your password.
Since it is virtually impossible to list every site that was affected, it is recommended to change passwords on all sites. A strong password is also recommended as a best practice to reduce potential for hacked passwords.
For examples of strong passwords, refer to the following article:
http://h10025.www1.hp.com/ewfrf/wc/document?cc=us&dlc=en&docname=c01855085&lc=en&jumpid=reg_r1002_usen_c-001_title_r0001#N58
If a customer is unsure whether a specific Web site uses OpenSSL, or if a Web site has been patched, they should contact the administrator of the Web site.
Additional technical information can be found at:
http://heartbleed.com/