Skip to main content

Was your information exposed in the latest data breaches at Lord & Taylor, Saks Fifth Avenue, Saks OFF 5TH, or Under Armour’s MyFitnessPal? If so, here are some steps to take.

First, visit to get detailed advice, based on the type of information exposed. If the company that you entrusted with your information offers you free credit monitoring, take advantage of it. Also, consider placing a fraud alert or credit freeze.

What if your username or password were exposed? Or your payment card information? covers all that and more:

  • For an online login or password – Log in to your account and change your password. If you use the same password other places, change those too. Don’t forget to change your security questions, too, if your online login or password were exposed.
  • For payment card information – Contact your bank or credit card company to request a new card number. Review your statements carefully to make sure no one is misusing your card. If you have automatic payments set up, don’t forget to update all of them.

To learn more about the type of information exposed in each breach, check out each company’s website: Saks, Saks OFF 5TH, Lord & Taylor, and MyFitnessPal.

Also, after data breaches, look out for phishing scams that try to trick you into giving your personal information. Don’t provide any personal or financial information unless you’ve initiated the contact. And don’t trust caller ID. Scammers can spoof their numbers so it looks like they are calling from a particular company, even when they’re not.

If you learn that someone has misused your personal information, go to to report identity theft and get a personal recovery plan. Because recovering from identity theft – and data breaches – is easier with a plan.

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.

The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.

  • We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
  • We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
  • We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
  • We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to

We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.

April 05, 2018
Re: Illegal Breach. What if the illegal breach is a everyday and night illegal continual breach that has been happing to Me for Years? The normal laws or remedy's don't apply to Me.The Breach wont Stop. James ?
April 05, 2018
After the eBay hack a few years ago, I changed my phone number partly because of all the new scam calls. Now I'm meaner and smarter, and have a great smart phone. I just got hit by the MyFitnessPal hack, uhg! I put a Ma Bell recording from Canada that say my number has been disconnected, in French and then English ≧'◡'≦ My cell number is now way less popular with scammers
April 06, 2018
Someone tried to manually enter my debit card number into a walmart self checkout in a neighboring state. The attempt was $300.00. I then found that someone had tried to purchase $1200.00 from online SaKs. I am so thankful the bank denied both charges. What upsets me is, I spent lots of hours trying to identify the person. There was video at Walmart. It was to no avail. If the stores were more counter active, it would be appreciated by people like me willing to go the extra mile to catch a theif. Just saying....
Don't use your…
April 09, 2018
Why aren't companies ever fined for having data breaches?
April 25, 2018
My credit card was skimmed. Any charges ping to my cell phone. The scammer was using my card in the Pocono's. I first froze my credit card. Then call the store, then the police in that county. The store had cameras and wanted to cooperate. But the police said they couldn't do anything. Why? Thank you.