The Heartbleed bug concerns a security vulnerability in a component of recent versions of OpenSSL. A tool was released online that allowed anyone on the Internet to force Web site servers to dump the most recent chunk of data processed by those servers. That data might include usernames and passwords, re-usable browser cookies, or even the site administrators credentials. It’s possible that we may see a second wave of attacks against this bug, as it appears also to be present in a great deal of Internet hardware and third-party security products.”]
Source: https://krebsonsecurity.com/2014/04/heartbleed-bug-what-can-you-do/