Heartbleed is a serious vulnerability in OpenSSL cryptographic software that allows stealing information protected by SSL/TLS encryption. It allows attackers to read portions of servers' memory, compromising private keys and stealing users' passwords and session cookies. The flaw was due to a mistake in Robin Seggelmann's 2011 implementation of the TLS Heartbeat Extension that failed to check for buffer overflows. It was not discovered until April 2014 and impacted around 17% of internet servers before being patched. The vulnerability, named Heartbleed, had the potential to compromise private communication data.