This week the headlines have been dominated by an internet bug called Heartbleed which has affected millions of websites and their users who have all been warned to change their passwords.

Here we explain just what Heartbleed is and what you need to do:

What is Heartbleed Bug?

The Heartbleed Bug is a small flaw in the code of the OpenSSL library, a piece of software which underpins two-thirds of the active websites online.

How does it affect me?

Two-thirds of all the active websites on the internet rely on OpenSSL to encrypt communication, therefore is it likely that many of the services you use on a daily basis have been affected.

What information could be stolen?

Anyone exploiting the Heartbleed Bug could have stolen usernames and passwords, credit card numbers, and possibly even the private encryption keys websites use to keep user data private.

Can it be fixed?

The OpenSSL Project has already issued an update to fix the bug and all major online websites and services will have already implemented the update and most will have issued new encryption keys.

Should I change my passwords?

Yes, but only if you know the website or service the password is associated with has updated its systems. If not, criminals will still be able to steal your new password.

What happens next?

The ramifications of the Heartbleed Bug are unlikely to be known for a long time, as those exploiting it leave no trace they have done so. The Bug has been in the wild for more than two years and evidence suggests some people have been exploiting it long before it was made public this week.