Sigh. It seems that every time you turn around, some big company (or a small one with a massive collection of data) is found to have been hacked, stolen, or in this case just left wide open for anyone to access your private data.
https://www.wired.com/story/exactis-database-leak-340-million-records/
While not containing financial data or social security numbers explicitly, the type and depth of the data increases the probability of impersonation and profiling – “more than 400 variables on a vast range of specific characteristics: whether the person smokes, their religion, whether they have dogs or cats, and interests as varied as scuba diving and plus-size apparel.”
Some rules of thumb for keeping your personal data secure include lying on pre-formatted “additional security questions” like “where were you born”, “in what city did you meet your spouse” and the classic “mother’s maiden name”. Make up lies or answers which have nothing obvious to do with the question – for instance “what was the make and model of your first car” might be answered with the nickname you and your friends had for the car (C’mon, surely you named your first car, didn’t you?). And your mother’s maiden name was TheDuneTrilogy. This way you can be consistent in your answers from site to site, but not give away any real, useful, trackable data about yourself.