Cyber Incident Victim: Saint Jean-Baptiste de La Salle

The cyberattack on Collège privé La Salle in Brive-la-Gaillarde began when an employee opened a malicious email in December 2024, triggering the installation of ransomware. The malware encrypted the school's digital systems, blocking access to all stored data including academic records, administrative documents, and historical student reports. Attackers demanded an 8,000 euro ransom payment in exchange for decryption, with the IT manager confirming the amount after interacting with the ransomware interface. School administrators refused payment after determining no reliable decryption method existed and receiving no guarantees of data recovery. The attack resulted in permanent data loss affecting current and former students, particularly impacting families who hadn't downloaded digital report cards from the school's software platform prior to the incident.

In response to the attack, the institution prioritized system restoration over ransom negotiations. The IT department worked to rebuild systems while acknowledging the irreversible loss of academic records for graduates. The college subsequently allocated 25,000 euros for cybersecurity enhancements to prevent future incidents, though specific technical measures weren't disclosed publicly. Operational disruptions occurred during system recovery, requiring manual workarounds for academic operations. The attack exposed vulnerabilities in the school's transition to digital record-keeping, particularly regarding long-term data preservation strategies for transient student populations. No evidence suggested data exfiltration beyond the encryption lock, with impacts primarily confined to data availability rather than confidentiality breaches.