Cyber Threat Actor: Frédéric Lapointe
| Actor Type | Location | Known Incidents |
Criminal
|
Canada
|
1 incident |
|---|
Profile
Fredrick Lapointe, also known as Frédéric Lapointe, is a threat actor identified in connection with a large‑scale identity theft operation that targeted individuals in Canada. He is based in Montreal, Quebec, and has been publicly named by Quebec provincial police as one of three men arrested for the alleged theft of personal information. The aliases used in reporting reflect variations of his first name and surname spelling but refer to the same individual. No additional aliases or alternative identifiers have been disclosed in the available sources.
The actor’s known activity focuses on the education sector within the province of Quebec, specifically targeting teachers and education workers. The operation described by authorities involved the unauthorized acquisition of personal information from a large group of current and former employees in that sector. The stated purpose of the activity was to conduct an identity theft scheme, as explicitly characterized by law enforcement in their public statements. No further details about secondary objectives, such as espionage or disruption, have been provided in the referenced material.
The most significant publicly reported campaign linked to Fredrick Lapointe occurred in early 2018, when the personal data of as many as 360,000 Quebec teachers and ex‑teachers was exposed. Quebec’s education minister disclosed the breach, prompting an investigation that culminated in the arrest of Frédéric Lapointe, Rath Pak, and Jimmy Saintelien on February 1, 2018. The police described the trio as being behind a widespread identity theft operation that harvested the compromised information. This incident remains the only concrete example of the actor’s conduct that has been documented in open sources.
No public attribution to a state sponsor, criminal consortium, or larger organized group has been established for Fredrick Lapointe or his associates. The available information limits the discussion to the individual’s identity, the specific targeting of Quebec education personnel, and the confirmed 2018 data breach incident. Consequently, the profile is confined to these verified facts without extrapolation beyond the supplied context.
