According to the article, last year, the bug was the blame for a data breach "at Community Health Systems Inc., one of the nation's largest hospital chains, that exposed personal information on 4.5 million patients."
Venafi, Inc., a cybersecurity company that develops software to secure and protect keys and certificates, scanned the servers of some of the largest public companies in the world to find out that only 416 out of a list of 2,000 companies protected themselves against the Heartbleed bug.
Jonathan Katz, director of the Maryland Cybersecurity Center at the University of Maryland said that the reason why these companies haven't secured themselves from the bug is that there's many steps involved in correctly fixing Heartbleed, which causes confusion, and many of the companies don't "want to spend the money to complete a security overhaul."
Sources: Uchill, Joe. "A Year after Its Exposure, Heartbleed Bug Remains a Serious Threat ( Video)." The Christian Science Monitor. The Christian Science Monitor, 6 Apr. 2015. Web. 24 Oct. 2015.