NEW YORK ( MainStreet) — You shopped at Target this holiday season. Bad news: your credit card is now one of the 40 million that may have been subject to a data breach that could cost consumers $4 billion.

What now?

There's no panacea. "If you're going to use a card there's always this risk that the system could be compromised," said Robert Heath, a consumer protection attorney in Pensacola, Fla.

But there are ways to mitigate your risk. Here are seven things you can do to protect yourself against fraud.

1. Cancel your card

If you shopped at Target with plastic over the period of the breach, November 27 to December 15, call your bank and ask for a new card with a different number, said attorney Lawrence A. Silverman of the Southeast Consumer Law. He also recommended changing passwords to any online accounts accessible online for cards used at the store.

"This is no doubt a major inconvenience," he said. But, he said, cancelling cards proactively is better than fighting fraud after the fact.

But not everyone agrees such a drastic course of action is needed. Cancelling cards before fraud is detected would lead to unnecessary annoyance, said Al Pascual, a senior analyst of security, risk and fraud at Javelin Strategy and Research. And while many consumers are aware of the high-profile Target breach, they often don't know about smaller scale security failures, he said.

"It may seem like an easy fix, but in reality, consumers don't know about all the breaches" that occur on their cards, Pascual said.

In order to decide whether to cancel your card, alert your bank, and see what the representatives there recommend, advises Linda Sherry, director of national priorities at Consumer Action.

2. Monitor your bank account and credit report

Pascual, Sherry and Silverman all recommended that consumers monitor their credit card statements, bank accounts and credit reports regularly to nip fraud in the bud.

"Consumers need to be on their game, be keyed into the fact that bad guys want their stuff and keep a watchful eye on it," said Pascual. As soon as someone detects an unauthorized charge, he should alert his financial institution, Pascual said. Sherry warns that consumers may have to report fraudulent charges within 60 days in order to be entitled to get their money back.

3. Set up a fraud alert

Another option to protect yourself after Target's breach is to set up fraud alerts with credit reporting agencies. After the alerts are active, companies will ask for additional proof of identity when someone tries to open an account in your name.

"That should be done anytime there's a suspected breach like this, even when a person doesn't know for sure that they're a victim of the breach," said Silverman.