Information stored online may not be as secure as we think. Finnish security experts have discovered a flaw called “Heartbleed” in the security technology for Internet encryption called OpenSSL. The weakness could be leaving passwords, banking information and personal details at risk — and may have enabled undetected thefts for nearly two years. While the news has prompted major retail websites into action, it should not lead users to make hasty changes. Experts warn users not to bother changing passwords until the glitches are fixed, and some are suggesting people stay offline altogether.