Truly unique email addresses and passwords per service is the strongest approach, but there may be alternatives. For instance, Gmail allows [email protected], which will save you from the lowest hanging fruit (block the +tag when it’s compromised to prevent the laziest spam from reaching you). iCloud also allows automatically generating a new email address that forwards to your inbox for a new account when using iCloud Keychain (possibly when using other password managers too, but I haven’t tried).
Gmail's +tag (and the .) is nice in theory, but terrible in practice. It's super easy for malicious actors to just drop them and there are a few services out there that simply are not able to work with the +tag, potentially getting you locked you out of your own account. Not gmail's fault, but I would recommend against using it.
