A serious vulnerability has been discovered in the OpenSSL cryptographic software library used to secure web connections, affecting nearly two-thirds of all websites.
The bug allows a hacker to steal information such as passwords, encryption keys, financial data and other important personal information send through a secure (https) connection.
Fixing this bug requires websites that use OpenSSL for secured connections to update to the current version of the software which eliminates this problem. Most major websites that use this software have installed the required updates.
If you are concerned about a particular site such as your bank, I would contact them directly to find out the status, or you can go to the Heartbleed test site and put in the website to check if its vulnerable or not:
In any case it would be a good idea to change your online passwords on sites that have fixed or do not have the issue, just in case there has been a previous security breach.