It’s a problem that far exceeds your worst fears. There are billions, with a “b,” breached accounts for sale on the dark web. Incredibly, up to 90% of people going online to shop at popular retailers are criminals using stolen information, according to a recent study. In other words, criminals outnumber the good guys on store websites. There’s a really good chance you shop at some of the stores that have suffered data breaches in the past year, including Macy’s and Panera Bread. Keep reading for details about 10 retailers where you may have shopped and where your data may have been stolen. Bonus: Kim talks about a data breach impacting hundreds of millions of email addresses, and yours could be one of them.

Keep reading for a few tips to protect yourself from a data breach.


Macy’s websites and suffered a data breach that exposed credit card information to hackers. That’s the bad news. The good news is, like many other breached companies, Macy’s contacted customers who were affected by the breach and offered them free ID protection services. They also implemented new and stronger security measures.

Panera Bread

Data breaches, in general, are bad. They’re worse when they drag on for months. That’s what happened with Panera’s website, which leaked millions of customers’ information before it was corrected. That information included home addresses, birthdays and partial credit card numbers.

Marriott Hotels

There are big and bad data breaches, then there are truly terrible, massive data breaches like the one that happened at Marriott Hotels, including hotels it owns like W and Aloft. The data stolen included passport information. Marriott said about 500 million customers were affected by this breach. Its computer database was affected from 2014 to 2018, according to the Federal Trade Commission, which suggested that customers consider freezing their credit reports, among other tips. Bonus: 617 million stolen accounts from 16 websites are now up for sale – are you at risk?

Jared Jewelry

You may have heard about the truly scary data breach at Jared’s parent company, Signet Jewelers. A customer discovered that a simple change to his order revealed a trove of details about other customers’ orders. This data breach, which was only recently fixed, revealed data such as your order’s tracking number, your address and your email address. Keep reading for tips to protect yourself from data breaches.

Kay Jewelers

Jared’s parent company, Signet, also owns other jewelry stores. That includes Kay, which was also affected by this breach.

Cheddar’s Scratch Kitchen

Talk about security breaches that drag on and on. That happened at the restaurant chain Cheddar’s Scratch Kitchen. Customers’ credit information was stolen by hackers for about two months. This affected more than a half-million customers. Were you one of them? Bonus: Manage your online safety on hundreds of sites by getting rid of old accounts


The shoe and apparel maker Adidas said that millions of its website customers’ information may have been stolen by hackers. The company was quick to release a statement, saying in part, “the limited data includes contact information, usernames and encrypted passwords.”

MyFitnessPal app

Under Armour’s fitness app, MyFitnessPal, was breached. It affected about 150 million users and exposed data such as email addresses and user names.

Lord & Taylor

Hackers are criminals. They steal your information, use it and sell it to other criminals. It’s a crime network that occurs online, behind the scenes. One of the most notorious online criminal groups is called JokerStash. They stole credit card information from about 5 million Hudson’s Bay customers. That includes customers of Lord & Taylor.

Saks Fifth Avenue

The Hudson’s breach that affected Lord & Taylor also affected Saks Fifth Avenue. The hackers began releasing credit card information last year.

How to protect yourself from data breaches

There are several ways to protect yourself from data breaches but these key strategies start with using complex passwords. Use passwords or passphrases that are difficult for hackers to figure out — something like My!daughterISmindy838. Make sure your credit card companies know that you want to be alerted to unusual charges, like a purchase in another country. One bonus of making purchases with a credit card is that you may not be liable for fraudulent charges. Bonus: Check your accounts! Crooks might have your passwords after this massive data breach You should also review your credit reports from the three credit bureaus to check for fraudulent activity. Pass this tip onto your friends: Instead of getting all three reports at once, get one every four months, so you’re checking for data breaches for free throughout the year.