This is an important message for everybody about a bug which might have affected your passwords.
Probably you all heard about Heartbleed Bug in Open SSL. I will not dive into technical terms but many popular websites including Google, Yahoo, Instagram, Wells Fargo and Facebook was affected by this bug.
Which means someone else might have stolen your password or credit card information in last 2 years. You can check on this website if the bank, website you use was affected or not : http://filippo.io/Heartbleed/
Many of major websites have fixed the bug and there is nothing to worry. Considering the fact that bug was around here for 2 years, someone else might have stolen your information in the past.
Here is what I would recommend:
1. Check the website you use if it is still vulnerable or not.
2. If it is vulnerable, it will not help to change password, just make sure you don’t have any credit card information on that website wait until they fix it.
2. If it is not vulnerable(as I said many banks and major companies fixed it) you should change your password.
Updates and more detailed info about the bug: