"Heartbleed" a Serious Concern
If you do important online transactions, particularly of a financial nature, it would be best to postpone them for, at least a few days, maybe longer if you can. The"Heartbleed" attack is a serious concern. However, it is not a virus per se, more of a browser-like hi-jack; it sniffs out online transactions and then pretends to be you, thereby gathering any of your important information available through this connection.
Changing passwords (and other login info) right now might be futile since the patches necessary to fix the problem may take a few days to be instituted for the largest sites and longer for smaller sites. This problem is a function of the online technology as it exists and not the result of a security lapse of any particular business.
This problem is really a concern for SSL connections, i.e., ostensibly secure online connections, but all online secure connections (your private information) are vulnerable for a while.
Therefore it would be best to make payments the "old fashioned" way for a week or so; call the company and provide them a payment method. Also check with businesses you do a lot of online financial transaction to see if, 1) they have had evidence of any hijacks and 2) if so, they have installed fixes.
If there is evidence that your company has had problems AND you have been online with them during this time, you definitely should change passwords, etc. Otherwise, check with the business you regularly make payments to and talk to them about it. Act accordingly.
Most major national internet servers (not the business you do transaction through) will apply patches very quickly. This will solve the majority of the vulnerabilities. Generally however, it is best to quickly finish your online transaction, and then log off. This significantly reduces your vulnerability.
Calls were made to our local utility companies: Greater Pine Island Water Company and Lee County Electric Co-op and both have said, "they have not experienced any problems with this matter and are checking with their IT departments."