Macy’s has announced that its website was hacked for one week in October resulting in a data breach in which customers’ names, addresses, credit card numbers and debit card numbers were stolen leaving them in significant danger of identity theft.  Macy’s has notified those customers affected by the data breach and are offering free credit monitoring to them.  This data breach provides a good warning to online shoppers as we start the holiday shopping season.

Many of us are suffering from what is being called “data breach fatigue” as a result of which we may not tend to take seriously the threat that data breaches present, but it is dangerous to ignore the threats that these data breaches present.  Fortunately there are some things you can and should do to protect yourself from future data breaches that will affect you.


One of the biggest lessons from the myriad of data breaches is to make sure that you use unique passwords for every online account that you have in order to avoid having a sensitive account, such as your online banking account compromised because you use the same password as you do for another relatively meaningless account that had poor security which led to a data breach in which your password was stolen.  This is also a reason for deleting old accounts you don’t use that could expose your passwords and other information.  The hacking of thousands of Disney + accounts only a few days after the new streaming service was launched is a good example of why it is important to have unique passwords for all of your accounts.  It appears at this time that Disney + wasn’t hacked and did not suffer a data breach.  The primary reason for the accounts being hacked appears to be that the people who had their accounts hacked were using passwords they used for other accounts at sites that have suffered data breaches thereby enabling the cybercriminals to use those stolen passwords to access their victims’ Disney + accounts.

Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear.  You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.

This is also a good time if you have not yet frozen your credit reports with each of the three major credit reporting agencies, Equifax, Experian and TransUnion, to do so now to protect yourself from possible identity theft. it is free and easy to do.

To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:

Another important rule to follow is to refrain from using your debit card for online purchases.  Instead only use your credit card because the laws regarding fraudulent use of your credit card are much more consumer friendly than the laws regarding fraudulent debit card usage.

Also, use dual factor authentication whenever possible so that even if your passwords are compromised, no one can access your account.

In addition, you should be aware that with your email address commonly known by many scammers, you can expect to receive more phishing and more dangerous specifically targeted spear phishing emails that attempt to lure you into clicking on links containing malware or try to convince you to provide personal information that can be used to make you a victim of identity theft.  Never click on links or provide personal information in response to an email or text message unless you are absolutely sure that the email or text message is legitimate.

If you are not a subscriber to and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of and click on the tab that states “Sign up for this blog.”