New York ? The letters warning of identity theft started going out in April, and not just a few of them. More than 180,000 Polo Ralph Lauren customers who used credit cards for their purchases received letters from HSBC bank saying their names and card numbers had been compromised. There was a security breach of Polo’s data bank.

HSBC, the world’s sixth-largest credit card issuer, had gotten the word from MasterCard and decided to send out the notices even though no law required it, bank spokesman Steve Cohen said.

Similar warnings were sent this spring to more than 800,000 other Americans, including online brokerage houses, 120,000 alumni of Boston College and others whose Social Security numbers and other ID information had been compromised by hackers who penetrated theoretically secure files of data brokers.

“What bank robbery was to the Depression age, identity theft is to the Information Age,” said Sen. Chuck Schumer, D-N.Y., who along with Sen. Bill Nelson, D-Fla., has proposed legislation requiring tighter security controls by companies over ID data.

Similar bills have been introduced by Sen. Hillary Clinton, D-N.Y., and state legislation has been proposed by New York Atty. Gen. Eliot Spitzer. All the legislation is aimed at reducing individuals’ exposure to ID hackers and pressuring data banks, merchants and financial institutions into keeping tighter controls over ID data they use.

But with all that, and proposed regulation changes eliminating Social Security numbers from Medicare cards, the larger question is what can individuals do to prevent becoming a victim.

Some measures are simple, experts say.

Don’t carry your Social Security card, don’t transmit the number over a computer and don’t reveal the number unless required, FBI and U.S. Secret Service officials warn. Similarly, don’t give out your birth date or mother’s maiden name, two other key identifiers.

Your Social Security number is the big key for ID thieves, for once they have it, they can get credit cards, open a bank account and get a passport or a driver’s license – all in your name.

A skimmer, which runs on a single 9-volt battery, is used by criminals to swipe credit card information that is then downloaded to a computer.

Personal computer security against ID hackers is more complicated.

While ID thieves trolling the Internet routinely send out mass e-mails masquerading as financial institutions asking for information updates, including Social Security number and credit card numbers, no bank ever makes such an e-mail request, according to Cohen and representatives of other banks.

PayPal and eBay also never request passwords or other information updates in e-mails, he said.

“If you get a request, don’t reply,” Cohen said.

Additionally, don’t give out credit card information over the Internet unless you know precisely where it is going, and, if making an online purchase, make sure you use an encrypted, guaranteed-against-fraud bill-paying facility like PayPal.

Fire walls and virus protection programs routinely are penetrated by sophisticated hackers seeking ID information, said Bruce Helman, supervisor of the FBI’s New York computer hacking squad.

People who are using wireless programs should make sure their routers are encrypted with passwords that are a combination of letters and numbers, Helman advised.

Studies have shown that more than 60 percent of wireless users don’t bother following instructions to encrypt traffic, an open invitation to any hacker who can easily piggyback onto your network to penetrate your files.