Most Americans who recently learned about a major breakdown in Internet security have been trying to protect themselves but a group nearly as large is unaware of the threat, according to a new survey.

The findings released Wednesday by the Pew Research Center provide a gauge on how Web surfers have been responding to a computer bug nicknamed “Heartbleed.” The flaw in a key piece of security technology used by more than 500,000 websites had been exposing online passwords and other sensitive data to potential theft for more than two years.

Key findings:

  • 39% of internet users say that after they learned of the online security problems they took steps to protect their online accounts by doing such things as changing passwords or canceling accounts.
  • 29% of internet users believe their personal information was put at risk because of the Heartbleed bug.
  • 6% of internet users say they believe their personal information was stolen.
  • Some 61% of the internet users who had heard of Heartbleed changed passwords or took other steps.
  • Those with higher levels of education were the most likely to have taken such steps: 48% of the internet users with college educations changed their password or deleted an account, compared with 31% of the internet users with high school educations or less and 40% of those who attended at least some college.
  • 46% of the internet users in households earning $75,000 or more had changed their passwords or deleted an account, compared with 33% of the online Americans living in households earning less than $30,000.

After word of the problem got out on April 7, affected websites began to close the Heartbleed loophole and security specialists recommended that Web surfers change their online passwords as a precaution.

That advice apparently resonated among those who read about in the extensive media coverage of the Heartbleed risks.

Passwords were changed or online accounts were closed by 39 percent of the Internet users in Pew’s telephone survey of 1,501 adults taken in the U.S. from April 23-27.

But 36 percent of the Internet users participating in the survey hadn’t heard about Heartbleed at all.

The almost equal division between people insulating themselves from Heartbleed and those unaware of the problem shows there is still a knowledge gap even as the Internet and mobile devices make it quicker and easier to find all kinds of information.

“There are some people who are pretty tuned in and are in an action frame of mind and then there others that don’t know about the news that is breaking,” said Lee Rainie, director of Pew Research’s Internet Project.

Better educated and more affluent Internet users tended to pay the most attention to Heartbleed. Roughly three-fourths of the Internet users aware of Heartbleed had college educations and lived in households with annual incomes of at least $75,000, according to Pew.

Although Heartbleed stories appeared for several days online and in print publications, most websites bitten by the bug didn’t send warnings to their users.

Major banking websites and other widely trafficked websites weren’t affected by Heartbleed, factors that Rainie said may have caused many people to pay less attention to the media’s coverage of the bug.

Only 19 percent of the survey respondents said they had heard “a lot” about Heartbleed. By comparison, 46 percent said they had heard “a lot” about the escalating tensions between Russia and Ukraine.

Just 6 percent of the survey participants believed Heartbleed led to their online information being ripped off.

The full survey report can be read online.