Right now, the internet is abuzz with the news of the ‘hearbleed’ bug. Because of a flaw in OpenSSL, attackers can extract 64 kilobytes of information from a webserver for each ‘heartbeat’. This information can include secret encryption keys, usernames and passwords, and other kinds of sensitive data.
In response, the Canada Revenue Agency has stopped accepting online filing of tax returns. There is a lot of other discussion online: Schneier, XKCD. A tool for testing webservers for the vulnerability is also online.
One take-away from this is that once various web servers are fixed, we will all need to change our passwords.