Clients have expressed much concern over the HeartBleed security bug. It is of course a major concern. I would encourage you to read the following:
http://www.symantec.com/connect/blogs/heartbleed-poses-risk-clients-and-internet-things
http://en.wikipedia.org/wiki/Heartbleed
http://heartbleed.com/
If you would like reassurance about a particular website you can test the site using several online services:
https://www.ssllabs.com/ssltest/
https://filippo.io/Heartbleed/
https://lastpass.com/heartbleed/
http://tif.mcafee.com/heartbleedtest
Systems administrators should also be aware of “reverse” heartbleed:
https://reverseheartbleed.com/