I just received this warning from the Union Bank:

We and other banks have recently seen an increase in criminals using consumer usernames and passwords leaked in data breaches at other companies (like Target and Home Depot) to try to get access to customer accounts. Usernames and passwords are accessed through data breaches and then can be sold online for criminals to access.
• Almost every consumer industry is facing this issue now, particularly retail and finance businesses. Credentials don’t have to come from Union Bank to be used. If you are duplicating your user name and/or password across multiple sites/apps, you could be at risk.
• Union Bank has an overlapping set of defenses with our Digital Banking provider to combat this, including alerts to users and intelligent blocking. We also work with the Federal Government to share information to address the problem.
• What the user can do to protect your account: Don’t reuse passwords across multiple sites and change your login name to be different than your email and your other login names. The longer a user name and password is, the more difficult it is to crack, and caps, special characters and a combination of letters and numbers make them more difficult to guess. Never provide a user name or password when you are called or sent an email that asks for this information.