Another big breach victim now has emerged: the world’s second largest airline, United Airlines, has been breached. Apparently by the same crew that is believed to be Chinese state sponsored hackers that a few months ago breached the US Office of Personnel Management — with its massive files on government workers – and various health insurers.

Much about the United breach remains unknown but here is one indisputable fact:  the Chinese seem to be building a massive database on Americans, definitely numbering in the tens of millions, possibly in the hundreds.

Below we tell you one simple thing you need to do now to protect yourself

But, for starters, understand that security experts believe that what the hackers were after is simple:  travel records of United passengers.

Adam Boone, an executive with information security company Certes Networks, explained why this matters: “Reports on the United Airlines breach show that the hackers may have grabbed flight manifests, which would include passenger names and dates of birth…. Imagine you could cross-reference all of United’s passenger manifests with the data stolen from the US Office of Personnel Management. So you could track the flights and movements of people with a certain US federal security clearance, or who work for a particular US government agency. That would have immediate national security implications.”

Edward Harvey, CEO of IT company Concept Blossom, elaborated: “To understand the value of travel and personal information, ask yourself, ‘Why does the NSA monitor the time and duration of peoples’ phone calls? Why do they scan family photos posted on social media?’ By correlating data between systems, they can discover which people interacted with each other, discover political alignments, personal interests, personal relationships, and infer knowledge from it.

By capturing passenger travel information from United, a foreign intelligence agency would ideally be able to identify members of the target nation’s intelligence agencies, and gain knowledge to those individuals’ personal vulnerabilities. Every intelligence agency, in every country, maintains a huge private database of exploitable vulnerabilities – both foreign and domestic, personal and technological. The hackers who identify and categorize these vulnerabilities are essentially providing the toolbox for other agents in their organization.”

Think about that: the Chinese may be on the verge of literally knowing your every move and every weakness.

Why bother, you want to know?  Good question, because from one perspective the Chinese – always assuming they are the culprits and their US embassy explicitly denies any involvement – would appear now to be drowning in data.

But just maybe their prevailing philosophy is to know more and more.  Josh Chin, managing partner at security company Net Force, put a bow on what the Chinese are up to with this insight: “From our perspective, [this] is classic Sun Tzu ‘Art of War’ tactics. To quote Sun Tzu, ‘If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.’”

Pretty obviously the Chinese are aiming not to fear the result of a hundred battles.

And maybe we should begin cultivating our own fears.

What can you do – right now – to better protect yourself against hackers who may in fact know just about everything about you? Dwayne Melancon, chief technology officer at security company Tripwire, offered a DIY security self-defense approach that is straight out of a LeCarre spy novel.

Remember all those personal security questions you have answered at banks and similar places – favorite third grade teacher, first pet, all that stuff? Just assume the Chinese have the resources now to know the answers.  No matter how obscure the data point, probably the answer exists somewhere on the Internet – and the Chinese may have it.

And if it’s not them who has this data, whoever does have it will be able to piece together answers to your most personal and private past.

What to do? Lie. Make up fake answers, advises Melancon.  Say your favorite ice cream is anchovy, your favorite grammar school teacher was Gwyneth Paltrow, and your favorite place to vacation is the South Bronx.  All crazy? Indeed.  Which is why it’s brilliant.  No data mining can surface these answers because they are rubbish.

For every site, make up a list of unique – and bizarre – answers. The stranger – the more false – the better.

And just maybe this has become the kind of topsy-turvy world we all now live in.