UPDATED April 10, 2014: Please consult this list of web services that you should change your password on.

You know that little padlock icon up there next to the address of this web page you're on? Turns out, it might have just been for show: hackers have found a way to access the login and password information of up to two-thirds of internet users.

What does this mean? If you have an email account, use online banking, keep in touch on Facebook or Twitter, go shopping on eBay or Amazon, or do pretty much anything else online that requires you to log in, you need to change your password immediately.

Computer scientists in Finland made the discovery earlier this week, at the same time as a team at Google in California: OpenSSL, the technology that powers passwords on much of the internet, could be fooled into thinking a user was logging in, when in reality there were hackers at the other end of he keyboard. The worst part is that unlike other forms of hacking that might leave digital fingerprints behind, this method leaves no trace.

Security experts say it is impossible to know whether your information has been stolen. Many companies, including Google, Yahoo, and Tumblr, have already updated their security procedures to protect against further attacks. At this point, the best way to protect yourself is to change your passwords right away.