“Basically, I can do a better job of maintaining my security than clearly Equifax or Capital One can,” he said.

Mr. Erwin isn’t alone in feeling he has to do what he can given the little control consumers have over the exposure of personal information in large scale data breaches and hacks in recent years. He was one of the nearly 150 million consumers affected by the 2017 Equifax breach, and he said while he doesn’t know if his information was compromised by other recent hacks— Target , Home Depot and most recently Capital One, among others—he said he wouldn’t be surprised to find his name, bank account number, address or even his Social Security number out there on the internet.

“You hear about these data breaches over and over and over again,” he said. “It’s a fact of life.”

These days, when data breaches occur, the Federal Trade Commission and firms usually offer a set playbook: Freeze your credit, place a fraud alert, get credit monitoring and change your passwords.

This recent wave of data breaches reminded Mr. Erwin and others of an unfortunate lesson learned from hack after hack: When it comes to protecting your data online, a routine is a good thing.

Eva Velasquez, president of the Identity Theft Resource Center, a nonprofit that supports victims of identity theft and fraud, says it is important for consumers to do something themselves.

“I don’t want people to be in that point of breach fatigue,” says Ms. Velasquez. Even just doing one of the recommended steps, she says, is better than nothing.[…]