Better change those passwords. Now.

A recent massive security breach perpetrated by cyber thieveshas put sensitive information including passwords, credit cardinformation and other data at risk for nearly a billion Internetusers worldwide.

The threat, which is being called "Heartbleed," was discoveredby a small team from the Finnish security firm Codenomicon. Hackershad cracked the encryption technology used to protect onlineaccounts for emails, instant messaging and a wide range ofelectronic-funds transfer.

The threat went undetected for more than two years, according tothe Associated Press.

"I don't think anyone that had been using this technology is ina position to definitively say they weren't compromised," DavidChartier, Codenomicon's CEO, told the AP. Further, it's impossibleto know whether an individual's security was compromised as itwould not have left a distinct digital footprint, experts say.

Yahoo Inc., which has than 800 million users worldwide, is amongthe Internet services that could potentially be affected. TheSunnyvale, Calif., company said in a statement Tuesday that most ofits most popular services had been "fixed," but there's no way ofknowing whose accounts may have been compromised.

According to the AP, Heartbleed creates an opening in SSL/TLS,an open-source encryption technology marked by the small, closedpadlock and "https:" on Web browsers to signify that traffic issecure. The flaw makes it possible to spy on Internet traffic evenif the padlock had been closed. Perpetrators could also steal thekeys for deciphering encrypted data without the website ownersknowing the theft had occurred, security researchers say.

About two-thirds of Web servers rely on OpenSSL.

Wednesday is a good day to change your most critical passwords,as many sites have now installed the Heartbleed "fix." Changingone's password too soon after a breach could do you no good, experts say, if the affected site is notyet clear of issues.