The Heartbleed bug allows anyone on the Internet to read the memory of
the systems protected by the vulnerable versions of the OpenSSL
software. This compromises the secret keys used to identify the service
providers and to encrypt the traffic, the names and passwords of the
users and the actual content. This allows attackers to eavesdrop on
communications, steal data directly from the services and users and to
impersonate services and users.