Nothing much you can do except make it harder for nefarious parties to get your information. If you’re in the U.S. most of your information is public. With two pieces of info about you, you’re one Google search away from your name, physical address, schools you went to, where you’re employed, etc. You can’t stop this, so just make it harder when your data does get leaked.

Here are my best practices:

• Own my email domain name and use it for generating unlimited random aliases.
• Update old accounts using a random alias.
• Generate random usernames using a proper username generator. Unique username per account.
• If an old account email can’t be updated, changed, or deleted, spoil the information in their system by using fake info and then abandon the account (Anon O’Moose, 1234 Fake Street, Beverly Hills, CA 90210).
• One email alias per account - never shared.
• Unique passwords via a password manager (e.g., passwords like ‘Obtuse4-Entangle-Matrix’).
• Enable TOTP multi-factor authentication wherever possible.
• For legacy security questions, always use a passphrase generator for the answer, and save both the question and answer into your password manager. “In what city did you go to school?”Answer: “Bandit4-Topic-Guardian”.
• Save recovery codes for your accounts into your password manager.
• Leverage virtual credit card numbers if your provider offers it. One virtual card per account - never shared.
• Create accounts only if you have no choice.
• Submit your formal request in Opt Out Prescreen to minimise the sale of your info.
• Delete all centralised social media accounts. Instruct people to text or call you.
• Switch to Linux completely if you can. Get off Windows and Mac where possible.
• Get off iOS if you can and try to run a proper trusted degoogled OS where possible. You can experiment with Linux phones in the future, but right now it’s not mature enough yet nor is it as secure as something like Graphene OS on Pixel phones.
• Get all your data on prem only. If you choose to backup some data for safeguarding online, encrypt it before you upload it.
• If your phone number has been leaked and you’re getting multi factor code requests, excessive spam, etc. consider setting up a new phone line with new number. Then update all your accounts, employer, government records, etc. to point to the new phone number. Let your contacts know. Once satisfied, deactivate your old phone number.
• Minimise posting any personal details about yourself online. Never identify physical locations. Make up fake details about yourself, your employment, etc. Make yourself a little more anonymous by providing fake information. One day you have a pet, another day you’ve never had pets, one day you’re divorced, another day you’re 18 years old, etc. Strive to be consistently inconsistent with the data you post about yourself online. Lots of things I’ve said on Lemmy about myself are untrue, while some things are true. It’s important to not reveal personal identifiers as it is trivial for a determined actor to correlate data and pinpoint who you are.
• Never, ever have any usernames, passwords, email addresses, or security questions that have any meaningful information related to you. ALWAYS use random generators. There is only one password you need to remember, and that is the one password to your password manager. Write it down on paper using pencil (graphite lasts longer than ink) and stick it in a safe.
• Use a VPN properly and with discretion, based on your privacy threat model.