The Heartbleed bug

Here is an article from PC World that covers this topic in layman’s terms

This is a free tool from LastPass that will help you check websites that you log into

If the site uses Open SSL — and has not recently regenerated their certificate — changing your password doesn’t mean anything.

If they have regenerated their SSL cert, then go ahead and change your password (user name too if possible).