Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. The bug can reveal the contents of a server’s memory, where the most sensitive data is stored, including the private data such as usernames, passwords, and credit card numbers. Yahoo, which has more than 800 million users around the world, also has been exposed by the bug. Security researcher scanned the Internet and found that more than 600,000 servers are vulnerable to heartbleed flaw.
Source: https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html