Michaels Stores Inc. said about 2.6 million cards used at its namesake stores may have been affected in a security breach. But the company said it has received "limited" reports of fraud.
The security breach at Michaels stores occurred from May last year to January of this year.
Customers who use credit cards feel protecting their identity is really a game of Russian roulette.
U.S. Rep. Jim Langevin has been worried about Internet and cybersecurity for years.
"This really does go to the heart of protecting our economy," said Langevin, a Rhode Island Democrat.
Langevin has tried for years to pass laws beefing up security on the Internet. But he has been unable to get bills passed in Congress that would mandate reporting by companies when their accounts are hacked or that force major retailers to achieve any level of security.
"The individual company, for the most part, is responsible for protecting their own systems. There's no one really in charge, if you will, requiring more cybersecurity," Langevin said.
He said the best consumers can do is to check their accounts frequently to see if anyone has taken their credit card information to make purchases.
AAA Southern New England recognizes how much of a concern this is, and now offers members access to a reporting firm that will alert them to unusual purchases. It's the kind of checkup you might get from a doctor.
"It's the same kind of idea to apply to your financial health. We have many opportunities -- it's common sense, really -- for us to protect ourselves in a world where protection is critically important," said Mary Wyatt of AAA Southern New England.
As far as getting action from Congress, Langevin said the problem has been reluctance by representatives to touch anything related to surveillance since the Edward Snowden leak of NSA documents showed how much the government is snooping on the public.
Langevin said he hopes once a law restricting NSA surveillance passes, his cybersecurity laws will have a better chance.
The Associated Press contributed to this report.