NEW YORK (CNN/Money) -
Whether you're a celebrity superstar like Paris Hilton or seemingly anonymous, there's only so much you can do to keep someone from stealing your identity.
How, for example, can you know if a data-collection company like ChoicePoint (down $4.20 to $39.30, Research) has already given your information to thieves? Or what if, like Paris Hilton, you fall prey to hackers.
"If there's someone who stole her password through surreptitious means, there's nothing [Hilton] could do," said Avivah Litan, security analyst for Gartner, a research institute.
Unfortunately, as Hilton discovered the hard way, personal information is all too available. ChoicePoint has admitted that it gave the identities of some 145,000 consumers to organized criminals posing as legitimate businesses.
"The whole system is pretty rotten from start to finish and they really need to tighten up," said Litan. "There's very loose access control over who can get credit reports."
Even so, you can't give identity thieves a free ride. Outfit your computer with virus filters and sophisticated software programs like Spyware, even if isn't 100 percent effective, said Litan. "Protect your PC and watch your wallet," she said.
Read your credit reports, destroy your receipts, don't provide information to companies you don't trust, don't order online through obscure Web sites and don't carry your Social Security card in your wallet, said Mark Durham, communications director for Identity Theft 911, a service company for victims of identity theft.
"Don't put anything in the garbage you wouldn't want to hand to a criminal," said Durham, referring to another no-no: the indiscriminate disposal of unshredded credit receipts. "Understand the problem, learn about you situation and act on it."
Of course none of that sound advice will help if thieves are accessing your information through a data collector like ChoicePoint.
"There are many organizations, institutions and businesses that are entrusted with large amounts of personal information which, if left in the wrong hands, can be very dangerous," said Durham. "That includes ChoicePoint, an organization that most of us had not even heard of a few days ago. If you don't even know your information is in ChoicePoint in the first place, how can you take precautions to see whether your information has been compromised?"
On Tuesday the company sent letters to at least 30,000 consumers in California, the only state requiring companies to disclose security breaches. Durham said this law should be extended nationwide, so victims of identity theft can act as quickly as possible.
"If you are hit by identity thieves, time is of the essence," said Durham. "These guys are fast."
ChoicePoint spokesman David Bernknopf said the company was ramping up its security requirements. Bernkopf also said that the database companies must be responsible in the handling of personal identities, and the company supported an expansion of the California law to other states.
"It is incumbent upon the industry and the legislators -- and ChoicePoint is working on leading this effort -- to understand where their identity is, where it is at risk and to keep it from being misused," said Bernknopf.
Credit and banking statements are easy to check, and thievery can be spotted quickly. But theft involving phone numbers and Social Security numbers can be much sneakier, said Litan.
Years may pass before a victim realizes someone has stolen their Social Security information and has been using it to receive payments, creating problems for the victim when he or she retires and tries to collect.
Innocent victims could acquire criminal records they don't deserve when thieves steal their identities to forge driver's licenses.
Many victims don't know they are victims until long after the damage is done, and trying to find a solution for this problem is the greatest challenge in dealing with identity theft, said Litan.
"No credit report is going to help you with that," she said.