Identity thieves continue to break records when it comes to stealing peoples' lives and loot.

Last week federal authorities busted what is alleged to be the largest hacking and identity theft case in the United States, involving the theft and sale of more than 41 million credit and debit card numbers.

No wonder identity experts and law-enforcement officials increasingly concede that for consumers these days it's less about if it will happen as it is when.

That's why you can't be too concerned or diligent when it comes to protecting your identity. And here's one upside to the crime trend: You can hire a growing number of credit and ID monitoring companies to help, but you can also do a lot of the work yourself -- cost-free.

"The previous record was set several years ago at about 28 million exposed accounts," said Tom Harkins, chief strategy officer of Secure Identity Systems -- a personal ID monitoring company -- and former vice president of risk and security for MasterCard.

Harkins works with individuals, as well as banks and businesses in Florida and across the country, to help them keep personal information out the hands of bandits. He also helps victims recover lost money and repair credit issues that result from identity crime.

"I'm not surprised by the new record," he said, predicting it will be broken by ID bandits repeatedly in coming years.

"It's to the point that in our industry we say everybody's personal information ends up in the hands of the bad guys," Harkins said. "It's just a matter of when they use it. It could be a month, a year or even 10 years after they've taken it."

In last week's ID theft ring bust, 11 people were arrested in connection with data breaches at nine major retailers, including TJX Cos., BJ's Wholesale Club, OfficeMax , Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.

As Homeland Security Secretary Michael Chertoff told reporters, the band of thieves revealed the major weaknesses of cyber-security in the U.S. The Justice Department says the thieves hacked into the wireless computer networks of retailers and hijacked credit numbers, passwords and account information. Once that's done, personal information of customers can easily be sold repeatedly in black market chat rooms on the Web, sometimes for as little as $10 a pop. Then the information can be used to purchase items and services until victims realize something is wrong. And therein lies one of the most important lessons for consumers, Harkins says.

"The sooner victims can realize something is wrong and report it, the less pain they will suffer," he said. "Once thieves know someone is suspicious, they will get rid of their information and go to the next person. And there is always another person."

Like other experts, Harkins recommends keeping a tight lid on personal information:

Never provide your Social Security number to anyone unless required by law. While some merchants request it for marketing reasons, only give this information when asked by government agencies (including municipalities) or financial institutions (banks, credit card companies, etc.) you are doing business with.

Use a shredder when disposing of documents containing such information. It's best to use what are called micro-cutters, which turns paper into confetti and credit cards into plastic sand.

Put a lock on your mailbox or avoid putting envelopes containing personal information -- such as utility and credit card payments -- in the box for the carrier to pick up. Take those bills directly to the post office.

But Harkins also warns that such due diligence isn't enough. That's because your personal information also resides in myriad computer networks maintained by credit card companies, banks, doctor's offices, retail stores and anywhere else you have had to provide it. Those networks are constantly targeted by the most sophisticated ID theft rings.

"Individuals cannot keep themselves safe," he said. "Your ID is in hundreds or thousands of places that you have no control of. I've been in ID security for 30 years, and I'm no safer than you." He suggests finding help.

Here are some companies to consider: Companies such as LifeLock, TrustedID and myTruston charge fees to guard against ID theft, which may include placing such alerts with the bureaus. These companies charge about $100 a year and can "freeze" customer accounts so no new accounts, including car loans, credit cards and mortgages, can be opened under a client's name without permission. You can also ask the major three credit bureaus -- Equifax, TransUnion and Experian -- to alert you when someone applies for credit with your personal information.

Harkins' SecureIdentitySystems.com and FraudFacts.com and www.GetYourIdentityBack.com, help clients monitor identity activities, such as applications for drivers' licenses, health insurance and medical services which would not show up on a credit report. The cost for these services typically ranges from $40 to $150 per year.

When it comes to preventing ID theft, there's no shame in asking for help.

Daniel Vasquez can be reached at dvasquez@sun-sentinel.com, or 954-356-4219, or 561-243-6600, ext. 4219. To see more columns from Daniel Vasquez, go to sun-sentinel.com/vasquez.