Like most illegal bugs the Hearbleed bug is anonymous, and at the moment it is not known at all who is responsible for it. The bug is in the OPEN SSL software library which is used for the Transport Layer Security protocol. This means that the bug affects users with (it was thought) secure internet accounts since the Open SSL was launched on 7 April. So far at least half a million users have been affected - the most recent site to daim they have been hurt is Mumsnet. This site has at least 1.5 million registered users so the numbers of people who may suffer from this bug is growing all the time. Mumsnet is now advising all its members to change their passwords.
The Canadian tax authority has also been targeted. There is now a growing worry that all kinds of sensitive information may no longer be secure if the virus keeps spreading.