Our personal information isn't really secure. It probably never has been, but our increasing reliance on digital services and the constant public disclosure of large breaches is only making that clearer.
You can't protect your personal information. Its already in the hands of third parties. All we can really do is take some steps to reduce the pain when our information falls into the wrong hands.
- Never use a debit card or any other card backed by real money. Not online, not in person. Maybe even ask your bank for an old-fashioned ATM card and get rid of the debit card altogether. When someone does make fraudulent charges, you don't want to have your real money disappear while you wait for your banks fraud department to investigate and refund. With a credit card the fraudster is merely racking up temporary debt that will disappear when the investigation is complete. In the meantime you can use one of your other credit cards (you should have at least two) and your real money is never touched.
- Use a password manager. Keepass is my favorite, but the others are good. Make sure everything you sign up for uses a different password. Make sure your password manager's password is long and strong and never used for anything else. This is basically the only password you should need to remember, so make it a good one, and change it on occasion. When an attacker is able to obtain one password that should only get them into one of your accounts, at most.
- Turn on two factor authentication where possible, especially for email. Your email is often used to reset passwords on your other accounts, so making sure it is very secure is essential in mitigating your risk of being the victim in social engineering attacks.
Feel free to fork this gist and add your own tips.