Your digital identity is made up of the personal information that identifies you online—your name, phone number, Social Insurance Number (SIN), and login credentials. Each time you interact with a website, cloud service, or social platform, bits of that identity are shared and stored. Over time, this collection of data becomes valuable, and vulnerable.
For UBC faculty and staff, protecting personal and institutional information is part of our shared responsibility. Many of us handle sensitive data every day, such as student grades, employee SINs, or financial details. If that information is exposed, it can be misused in ways that go well beyond traditional financial fraud.
Identity theft—when someone collects or uses your personal information without permission—is no longer just about stealing money. Today’s threats target the many ways our identities are woven into the digital world.
How Identity Theft Has Evolved
Deception and Data Breaches: Modern identity theft often starts with deception. Phishing remains one of the most common tactics: attackers send emails, texts, or calls that appear to come from a trusted source—sometimes even a university department or financial institution. These messages encourage you to click a link, open an attachment, or share credentials.
Even if you never respond to a suspicious message, your information can still be compromised through third-party data breaches—when an external vendor or online service you use is attacked. Once exposed, that data can be bought and sold, setting the stage for further misuse.
Exploiting Identities for Broader Gain: Identity theft has expanded far beyond stolen credit cards. Criminals now use personal data to open new accounts, apply for benefits or loans, file false tax returns, or even impersonate someone during an arrest (known as criminal identity theft).
In the healthcare space, medical identity theft allows someone to use another person’s information to access medical care or prescriptions, or to submit false insurance claims.
The Rise of SIM Swapping: A newer and increasingly common tactic is SIM swapping (also called a port swap scam). In this scenario, criminals collect pieces of personal information—such as your name, address, or phone number—from social media or stolen mail. They then contact your mobile provider, pretending to be you, and request that your phone number be transferred to their device.
Once they control your number, they can intercept security codes sent by text or call, bypassing multi-factor authentication (MFA) and gaining access to your online accounts. This type of identity theft can happen quickly and can affect both personal and professional accounts.
Why This Matters at UBC
At UBC, every faculty and staff member plays a role in safeguarding personal and institutional information. When personal data is mishandled or stolen, the consequences can extend beyond financial loss—impacting individuals, research integrity, and public trust.
Here are a few ways to strengthen data protection in your daily work:
- Encrypt Your Devices: Encryption keeps your files secure by making stored data unreadable without proper access credentials.
- Share Securely: Use UBC-approved services such as TeamShare or OneDrive for sharing files. Avoid sending high-risk data (like SINs or health information) over email; if it must be sent, encrypt the attachment first.
- Minimize and Store Safely: Download only what you need, remove unnecessary personal details, and store information in approved, encrypted folders instead of local drives or unencrypted devices.
Building a Culture of Awareness
Identity theft has evolved from simple financial fraud to complex data exploitation—but our awareness and habits can make a real difference. By understanding how identity theft works and applying safe practices both at home and at work, we strengthen not only our own defences but also the collective resilience of the UBC community.