WASHINGTON — Really, must we all go back to cash-only to protect our personal information?

In the past several years, millions of consumers have been put at risk of identity theft as their personal information has been either stolen from or left unprotected by the companies that collect it. The latest data breach involves TJX Companies Inc., which operates the T.J. Maxx and Marshalls retail stores.

The company recently revealed that the computer systems that process customer transactions had "suffered an unauthorized intrusion," and that some information had been stolen. In a statement, TJX said it did not know the full extent of the theft or how many customers might have been affected. The break-in involved the portion of TJX's computer network that handles credit card, debit card, check and merchandise return transactions for customers of T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the United States and Puerto Rico, as well as the Winners and HomeSense stores in Canada.

TJX did what it was supposed to do and alerted law enforcement agencies. The company also said this: "With the help of leading computer security experts, TJX has significantly strengthened the security of its computer systems."

As a customer of TJX's stores, I'm glad to know they are beefing up their security.

But then the company said something we all should keep in mind. "No computer security can completely guarantee the safety of data."

Therein lies the problem. No matter how many firewalls are built to protect our information, the con artists are actively working to outsmart the companies that store consumer data.

So what can consumers do?

Well, we can press our state lawmakers to enact legislation that would greatly reduce access to our credit files. I'm talking specifically about a way to put a "security freeze" on our credit reports.

A security freeze blocks all access to your credit reports and credit scores. This is better than a fraud alert, which simply advises that you may be a victim of identity theft. With an active fraud alert, lenders can still access your file. However, with a freeze, consumers control access to their credit files. A security freeze prohibits, with certain specific exceptions, the credit reporting agency from releasing your credit report or any other information without your express authorization. Often that means giving them a PIN or confirmation number.

There is a downside to a security freeze. It can make it harder for you to take advantage of instant credit offers because you have to notify the credit bureaus to lift the freeze. In addition, to temporarily remove a freeze and to reactivate it later, you may have to pay a fee. Fees vary by state, but generally it's $10. In many states, senior citizens and victims of identity theft are not charged to place a freeze on their credit report.

Twenty-six states and the District of Columbia have adopted laws that allow consumers to freeze access to their credit files to prevent crooks from opening fraudulent accounts with stolen information, according to the Consumers Union.

As the 2007 state legislative sessions begin around the country, 17 states are considering security freeze laws, the consumer advocacy group recently reported.

Here's the thing: Rather than complain that companies can't protect our information, we need to push our state lawmakers to enact legislation that makes it easier for us to protect ourselves.

Take the time to check whether lawmakers in your state are considering such a bill, and then write to support the legislation. To see which state legislatures are considering security freeze laws, go to www.financialprivacynow.org, set up by the Consumers Union. Click on the link "Learn More." Then look for "Current State Security Freeze Bills."

Many security freeze laws became effective last month. For more information on existing such state laws, go to the same site, click on "Learn More," and look for "States with Security Freeze Laws."

Among the states with security freeze laws, five give consumers the right to put a freeze on credit files only after they become identity-theft victims. Those states are Hawai'i, Kansas, Texas, South Dakota and Washington.

As more people become victims of identity theft, it's time to expand the security measures we use, says Gail Hillebrand, financial services campaign manager for the Consumers Union.