WOODBURY - Cyberexperts say a technical flaw in security encryption known as “Heartbleed” went undetected for two years and possibly put passwords and credit card numbers at risk.

Adelphi Information Security Officer Dr. Kees Leune says the impact of the flaw is still unknown. He says it affects websites many would consider to be secure, which display a padlock icon.

Experts say it's not clear yet if cyberthieves were able to intercept sensitive information like passwords or credit card numbers, but it was vulnerable if they knew where to look.

Dr. Leune says it's important that Internet users do not change their passwords just yet. A software fix has been sent to all companies that use the program, but it may not be installed yet.

“Give companies a day or two, maybe three, to catch up, install the software and push it out to their servers and then go change your password,” he told News 12.