A new major security issue is affecting Web users, and it’s unclear just how bad it might get. The vulnerability, known as Heartbleed, affects a variant of the Secure Sockets Layer/Transport Layer Security encryption technology, known as OpenSSL. It allows hackers to breach Web servers, networks and anything else “protected” by the technology—and to steal information. What’s worse, it’s believed some of the largest Websites are vulnerable, including Yahoo. Tumblr confirmed that it was vulnerable, but has implemented a fix. Although a fix is available, the flaw is still a huge security concern that has yet to be addressed worldwide. That leaves users without the protection they need, and puts the average person at risk of losing sensitive information, having financial data stolen, or worse, seeing private identity data such as social security numbers, stolen. Some experts believe the vulnerability extends to more than 500,000 Web servers, meaning millions of sites are vulnerable. Consumers and enterprises are understandably asking what they can do to protect themselves. There isn’t much that can be done to fully insulate Websites and users from Heartbleed, but there are ways to limit the flaw’s impact.