An internet security bug announced Monday may be putting your personal information and your web based business may be at risk!

Earlier this week a security vulnerability was discovered in the encryption protocol OpenSSL, which is used on most websites that collect private information, use passwords and collect credit cards. Most websites that try to protect their users information, such as Gmail, Yahoo and your bank also use OpenSSL. Many web based businesses, eCommerce sites, SaaS (Software as a Service) services and other transaction based websites also use this protocol.

Most websites are in the process of patching this vulnerability however it could take a few days. Security experts are recommending people do NOT use their banks or other secure websites until Friday or until they have verified the vulnerability has been fixed. They are also recommending that you change your password to all your secure sites including your bank, email provider and any SaaS applications you run in case your account has been compromised. You should do this only AFTER you are confident that site is protected.

Read the NPR story about this vulnerability here.

The article also provides a link to a tool that can check your sites to see if they are vunerable.
http://filippo.io/Heartbleed/