HEARTBLEED (who comes up with these names?!) is a new vulnerability to the SSL framework that the vast majority of the internet uses everyday to encyrpt, decrypt and store our sensitive data. With this vulnerability unpatched on the server side, you run the risk of your sensitive data being availabe to anyone who can reach said site, and is a bit computer savvy.
This exploit affects a LOT of sites. Yahoo, WordPress, bank sites. Unlike many exploits the fix is server rather than client side, which means you have to wait on the site to clean itself up. So slightly problematic.
The thing you can do on the client side is once the websites have patched their vulnerability, change your password, change your password, change your password (did I mention ‘change your password’). Use unique passwords for each site, as well as difficult passwords, and change your passwords often. Every 45 days is a good way to go.