Engineers at CloudFlare said they had been unable to exploit the Heartbleed bug to steal SSL keys from a server. They set the internet a challenge inviting people to try to grab its private server keys. Within hours, software engineer Fedor Indutny was revealed to have recovered the private keys from the web server. He claimed on Twitter that it took a script he wrote for the purpose took just three hours to hunt down the private SSL key. If you administer a server and have so far put off revoking and reissuing your SSL certificates, it might be time to think again.”]
Source: https://grahamcluley.com/heartbleed-bug-can-expose-private-ssl-keys/