An encryption flaw called the Heartbleed bug is already being called one of the biggest Internet security threats ever seen. Words like 'catastrophic' have been used to describe this bug so that gives a clue to how bad it actually is.

The bug is a flaw in OpenSSL, which is the Internet's most commonly used cryptographic library, and has been basically bleeding out personal information.

It's down to a fault in the code which has been specifically written to protect financial transactions. Conor Flynn from RITS Information Security explains:

It has affected many popular websites and services, like Gmail and Facebook, and could have exposed sensitive account information such as passwords and credit card details.

Some Internet companies have already updated their servers with a security patch to fix the issue so you will need to go in and change your passwords immediately for these sites.

Other sites are in the process of fixing the issue, so you should wait for an update from these sites before changing your password. The fix needs to be in place before you make the change.

According to Mashable and CNet, these popular sites have all added security patches so it is now safe to change your passwords:

Facebook, Tumblr, Google, Instagram, YouTube, Yahoo, Gmail, Yahoo Mail, Amazon, DropBox, Wikipedia, Bing, Blogger and Soundcloud.