1. About the bug:
Heartbleed is server software (OpenSSL) bug so it’s more like a server vulnerability. Most of the webserver use OpenSSL extension to manage the secured connection.
Heartbleed opened your openSSL memory to the public, this means, everybody was able to read upto 16kb chunks of your memory.
This memory holds:
a) Private keys
b) Request data
c) Response data
2.Am I infected?
Here is the link to check if your server is affected:
The fix is:
a) Upgrade OpenSSL to the newer version (OpenSSL 1.0.1g and above).
b) Change all passwords: Attackers may be able to read the password and username, therefore resetting the passwords for all users is suggested.
c )Change the private key: Changing your magento private key is must for every store owner.
4.If you are an ecommerce solution provider.
You must mail your Magento customers and ask them to perform the above fix