Cyber Incident Victim: Quebec teachers

In February 2018, Quebec’s education minister publicly disclosed a significant data breach affecting current and former education sector employees. The incident exposed sensitive personal information belonging to as many as 360,000 teachers and other education workers across the province. Authorities confirmed that unauthorized actors had accessed the data, though the specific methods of intrusion or duration of exposure were not detailed in initial announcements. The compromised information posed immediate risks of identity theft given its scale and sensitivity. Provincial police launched an investigation into the breach shortly after its discovery, coordinating with relevant educational institutions to assess the full scope. No further specifics regarding the data’s storage systems, security protocols, or exact types of exposed records were released publicly at this stage.

By April 2018, Quebec provincial police arrested three Montreal residents in connection with the breach, identifying them as central figures in an organized identity theft operation exploiting the stolen teacher data. The suspects—Frédéric Lapointe (41), Rath Pak (41), and Jimmy Saintelien (39)—were apprehended on a Friday following investigative efforts tracing the misuse of the compromised information. Police characterized the operation as widespread but did not elaborate on how the stolen data was monetized or distributed. The arrests marked the first publicly confirmed enforcement action directly linked to the breach, though investigators did not comment on whether additional collaborators were sought. The incident remained under active investigation by provincial authorities following the arrests, with no further victim impact statistics or recovery measures disclosed in immediate follow-up reporting.