If you’re working in System Administration or DevOps, you will be asked for years to come:
Where were you on the fateful day April 7th 2014 ? The day the internet had to upgrade its servers.

The versions of OpenSSL that are vulnerable to the Heartbleed bug are OpenSSL 1.0.1 to 1.0.1f (ironically if you haven’t updated your OpenSSL you won’t be vulnerable, at least not for this specific bug).

A lot of upgrades have been done on major websites (Dropbox, Yahoo, Amazon Web Services, to name a few) to make sure they weren’t vulnerable anymore, and some websites haven’t done so yet.

To check if your website is vulnerable, go to filippo.io/Heartbleed/ (which is experiencing slowdowns for obvious reasons), if you’re tech savvy, you can deploy this Go script on your own FiloSottile/Heartbleed.

adf.ly , definitely not my favorite url shortener

This might be an annoying process for people, but it is highly recommended to change all your passwords to practically every service you can think of (Facebook, Tumblr, Google, Yahoo, AWS, Dropbox).
Mashable have created a fairly comprehensive list of services that were affected by the Heartbleed bug.
While we're on the subject, I highly recommend everyone to look into Two-factor authentication on major services, some of them allow this option, and you should demand from others to allow it too.

Until the next major security vulnerability makes headlines.

Update
Relevant XKCD comics cleverly explaining the whole thing

...I remember a time when no one outside the IT community knew anything about those security problems, nowadays everyone is (sort of) aware.