By now, chances are you've already heard about the preposterously huge security hole in SSL. You've also probably heard how it could easily have left you exposed to all sorts of nefarious activity over the past few years. Now, thanks to Mashable, we also have a better idea of exactly which websites had the flaw.
Of course, just because certain websites were vulnerable to the bug doesn't necessarily mean your personal information (passwords, credit card numbers, usernames, etc.) got snatched. The problem is that there's absolutely no way of knowing for sure -- so better safe than sorry. But Mashable's chart also shows which sites have already patched the hole. So if you have an account on a site that's still wide open to heartbleed's whims, you're going to want to wait until it gets things under control.
We've picked out some of the bigger websites that may have left you exposed below. They have also all issued a patch already, which means it's safe to change your password now (updating your password on a site that's still vulnerable won't do you much good, for obvious reasons. And you should. Seriously. Go. And head over to Mashable for a more complete list of what needs protecting.