An Open SSL exploit has many sites, large and small, compromised. What can you do? Read this:
http://www.theepochtimes.com/n3/611676-heart-bleed-bug-what-you-need-to-know-including-for-yahoo-gmail-facebook/ (http://www.theepochtimes.com/n3/611676-heart-bleed-bug-what-you-need-to-know-including-for-yahoo-gmail-facebook/)
The best thing to do is not use sites that use Open SSL but have not updated it yet as well as change your passwords!