The Heartbleed bug currently has the internet in a state of caution. The sheer number of affected websites and servers currently means that all the information on the internet is at risk. Mashable has a list of the biggest websites affected, which indicates the websites that you should be changing your passwords at.
These websites are some of the most popular on the internet, and store large amounts of personal information. Facebook and Gmail are both on the list, as is Tumblr and Yahoo. Both Twitter and Microsoft’s Outlook were not running OpenSSL and are not affected by the bug. Visitors to the Lowyat.NET frontpage and forum might want to change their passwords as LastPass indicates that our servers could have been vulnerable at some point. While a separate test indicates that our site is secure, it might be best to err on the side of caution.
Thankfully banking sites are secure from the threat. Maybank2u.com.my is listed as not vulnerable, as is cimbclicks.com.my. RHB.com.my and HSBC.com.my are unlisted but similar secure from the Heartbleed threat. In fact, most Malaysian based servers are not listed as vulnerable; although about half of them do not run encrypted protocols to begin with.