As a separate but related issue:
It would be good to note that if a credit card database has been hacked, there is most likely the same threat that all account information as well. This would include address, information, "hint" password (e.g. mother's maiden name), real password, birthdate (if you were so inclined), etc...
All truly dangerous information to have laying around. Assuming that everyone is smart enough to not use their real birthdate, and also smart enough not to use mother's maiden name as hint, then the catch is to make sure that your password is unique for any site. For a while I thought that it was stored encrypted in most places... until I called a retailer one day and they "read-back" my exact password back to me.
I then realized that most databases were designed for data integrity first and usability second. Security is not even usually third. They had all passwords in clear text, and readable by all CSR's. *brrrrr*
So, use different passwords for every site you go to. I think it's about time that I go and update all my passwords again. With the recent hacks, it's definitely time to change everything one more time. It's not misplaced paranoia if everyone is already out to get you.
8)