I am passing on, as requested, a message from HealthUnlocked about this security issue but do not know anything extra about this myself, but there are two links at the end of this message:
A major online security flaw called Heartbleed was recently discovered by a researcher at Google and a Finnish security firm called Codenomicon. Though you may have already heard about it from one of the major news organisations like the NYTimes that have been covering this since last night, we wanted to get in touch with you as well.
This issue is a flaw in OpenSSL, which is the encryption technology that two thirds of the websites, including HealthUnlocked, use. We immediately released a patch to fix this issue and for added measure this morning we logged out every member of HealthUnlocked to make everyone login again.
Though the risk is very minimal, there is a chance that some of your personal information, like your password, in one of your online accounts may have been affected. As a consequence, we strongly recommend that you do the following:
1.log out of websites where you selected 'keep me logged in' & login again
2.update all your passwords
Additionally, though they may have heard about it in the news as well, we recommend that you write a post in your community to inform your members. Feel free to refer to our blog post update in your post if that can help explain what happened to your members as well as the tips about creating a strong password.
Click here for 3 tips to create a strong password
Click here for more details about Heartbleed