The National Security Agency exploited the massive security vulnerability called Heartbleed for the past two years, and used the flaw in OpenSSL to intercept private data, according to a new report from Bloomberg.

Heartbleed is a newly-discovered flaw in OpenSSL that makes your private information—usernames, passwords, bank statements, etc.—vulnerable to potential hackers, and apparently, government snoops.

Update: The NSA denied any knowledge of Heartbleed before it was made public this week. The National Security Council released an official statement on Friday afternoon, saying claims that the NSA had prior knowledge of Heartbleed are wrong. 

Image by Flickr user Erokism