This is apparently a massive bug that no one heard about before now? So I was wondering if this affected things and what needed changing? I was told that all passwords ever entered ever needed to be changed. Thank you!
http://heartbleed.com/

Supposedly you can check things here: https://www.ssllabs.com/ssltest/

Pretty sure Mysidia doesn't use SSL.

In all honesty, it doesn't matter if you change your passwords. If they've got your details, they've got your details.

Where you live, your date of birth, credit cards. Everything they need to rack up bills in your name, or any other kind of fraud and hacking. It's too late. If they have it, they have it. Changing your password isn't going to save you really.

Not when they can call up the company, put in a complaint and give all your information, pretending to be you... In Australia, all you need to confirm your identity on the phone is Full Name, Date of Birth, Address, and Phone number.

So.. internets is screwed no matter what XD

The problem now is that the people who have the information now have to be careful, because it's gotten loose how they've gotten it. So if they use it, it should be easier to track them done. Once the patch was released, and the bug was brought to life, I think all the information they now have becomes pretty useless.

Yeah, I checked mysidia a few days ago, Miki is right.

Most things were patched on the first day, but this bug's been around for 2 years and even the website I used for checking was spitting sensible information. I don't think there's anything we can do at the moment honestly. You can only change your password after the website has patched the bug and issue a new SSL certificate.

This bug was caused by a mistake in the code we are actually talked about and taught at college. The fact no one found it while looking at it before I bet was because the variables had no meaning and there was no comment explaining what it was doing. Seeing the basic recommendations for writing code actually being broken irl and cause such a huge problem is nerve wrecking.

With this huge mistake, we can learn and improve.
Remember to never connect your accounts with the same password combination for anything and most importantly check your bank's website.

umm, this does look serious for webmasters running active sites. Its stunning that the bug has been around for 2 years.