KUSA - Change the passwords you use online now.
If you've used the web in the last two years, you are vulnerable to hackers who could easily gain access to your online accounts, including bank, web mail, social media, online retailers - and the list goes on.
An internet security bug called "Heartbleed" is to blame. It was discovered accidentally in an encryption service used by two thirds of supposed secured websites. For years, many of us felt safe going to websites with that little closed padlock in the address bar - followed by "https." Maybe we shouldn't have been so trusting.
There is a new update that websites can download to fix the problem. But not all websites have done that.
In the meantime, 9NEWS security expert John Sileo said you need to be proactive.
"Change your password on any site that uses one of those little padlocks, any SSL encrypted sites: your bank; your gmail. Even Facebook now uses some SSL encryption." Sileo said. "If you go and change that password now - all of the data that they have siphoned off over these last two years is basically archaic. It no longer allows them to hack into your account."
It's probably a good idea to change those passwords again in a few weeks - in case those websites haven't patched their software yet.
This new revelation could explain all different types of breaches - and cases of identity theft - that could not previously be explained.
(KUSA-TV © 2014 Multimedia Holdings Corporation)