After the discovery this week of a massive security flaw in the open source software used to secure and encrypt a vast portion of internet communications, major tech firms are urging users across the Web to change the passwords on all of their accounts. Dubbed the “Heartbleed” bug by the researchers responsible for uncovering it, the widespread security hole allows hackers to steal code from websites and online services which reveal the most sensitive of user information — including usernames, passwords, communications, credit card and account information. Websites, web applications, email, instant messenger services and even virtual private networks are among many other Internet programs that use the customizable OpenSSL (secure sockets layer) security library on websites with HTTPS (embedded in the addresses of most websites users browse to) encryption to protect users information on their services. “The little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit,” the popular blogging platform Tumblr wrote in a post. More