Within that news article you’ll find this link where you can input your critical website addresses to see if the security flaw has been fixed (just in case your shopping, personal, and financial websites do not alert you): http://filippo.io/Heartbleed/. Once you know the fix has been made to a particular website, you can then change your password to that website to prevent hackers from using previously stolen information from being used against you (like emptying out your bank, savings, and retirement accounts and running up your credit cards).
I just tested all of my critical websites, and it looks like they have fixed the security flaw, so I changed all of my passwords. Since any personal data you’ve ever entered online in the past two years is at risk (including Social Security numbers), it would be wise to also request a free annual credit report from the three major credit bureaus to ensure no bogus accounts have been set up in your name (see: http://www.fdic.gov/consumers/consumer/news/cnwin0203/three.html). This is all so time-consuming, but as the saying goes, “An ounce of prevention is worth a pound of cure”.