Some of you probably already know about the security vulnerability known as Heartbleed, which was revealed by Google this Monday.
Our webhost and CA took care of it (the website was offline 8 hours ago), so you are safe here.
Edit 2: It seems Steam is fixed now. If you logged into Steam in the past 3 years, you may want to change your password, especially if you don't use SteamGuard.
An enormous number of websites have been infected. Amongst the ones untouched are Microsoft's, for example. (their tech is really good)
Also, you may want to change all your passwords.
But before this, set a master password in your browser.
The flaw allows an attacker to read pretty much all the memory of a computer. This could, for example, easily steal all the saved passwords and cookies in your browser or the traffic of an arbitrary webserver. (the latter is the worst)
Good luck and stay safe!
Edit: I see it wasn't really obvious. It is futile to change a password on a website before it is fixed. Change it after.