“On April 7, 2014 we learned of a vulnerability in the OpenSSL security system that you know is in operation when the webpage begins with https instead of http. It is the encryption system used to protect confidential information such as passwords and most sites that deal with sensitive information use it. This vulnerability allowed third parties to intercept and get that information.”
The resource link below provides the best information I have seen about this very serious internet attack. You’ll probably want to run your bank’s url through the suggested link to see if your password is safe.