Pulse Newsroom
A cyberattack traced to a Russian source prompted the Eastern Townships School Board (ETSB) to shut down its entire computer network Thursday morning as a precautionary measure, though board officials say no personal student or employee data was compromised and schools remained open.
The intrusion was detected shortly before 9 a.m. on Dec. 18, triggering an immediate response from the ETSB’s Information and Communications Technology (ICT) team in coordination with Quebec’s Centre gouvernemental de cyberdéfense. According to ETSB chair Michael Murray, the decision to shut down systems was made quickly once unauthorized access was identified.
“When they detected an intrusion, the reaction was to immediately shut down the system,” Murray said in an interview later that day. “That was a protective or defensive measure.”
How the attack unfolded
Murray said staff across the ETSB network became aware of the issue at roughly the same time, when ICT technicians deliberately took systems offline.
“There was a hack — somebody was in the system, an unauthorized person or persons,” he said. “So, the reaction was to immediately shut down the system, and that’s when the notifications started going out to the schools.”
The ETSB confirmed that while servers were targeted, its most sensitive databases — including GRICS applications, payroll systems and the GPI platform — were not breached. By mid-afternoon, technicians were able to determine that the files accessed were not sensitive.
“As late as this afternoon, we were able to determine that the software that relates to student identities and any information about them or their families was not hacked,” Murray said.
Origin traced to Russia
According to Murray, the cyberattack has been traced to a Russian source — a detail confirmed during the interview.
“We have been told that it’s been tracked down to a Russian source,” he said.
Murray said the likely motivation behind the attack was financial, noting that school boards hold extensive personal data that can be valuable on illegal markets.
“There is an entire black market where this information is bought and sold,” he said. “What they would like to do would be to pick up all of the personal information — student files, HR files — and sell it.”
Why some systems were vulnerable
Murray explained that the ETSB’s mixed technology environment helped limit the scope of the attack. Student Chromebooks, which store no local files, and Apple computers used by teachers, commissioners and senior administrators were not affected.
“The Chromebooks have no files on them, no hard drive — they are virtually unhackable,” he said. “The hack was not able to penetrate any of the Apple computers.”
Administrative systems using PC-based computers were more vulnerable.
“It was the administrative computers, the PCs, that were vulnerable,” Murray confirmed.
As a result, all PC-based administrative computers were ordered to remain shut down until each unit can be individually checked and cleared of malware — a process Murray said could take days or even weeks.
Impact on schools and services
Despite the disruption, ETSB schools remained open and instructional activities continued with limitations. Murray said the timing of the incident — right before the Christmas break — helped reduce its impact.
“We don’t have to shut down the schools, but it will be very inconvenient,” he said. “Happily, tomorrow is the last day before the Christmas break.”
Students and teachers were told their devices and accounts are safe to use over the holidays, while administrative systems remain offline.
“There is no problem with accessing your email,” Murray confirmed.
Next steps
The ETSB will continue working with the Centre gouvernemental de cyberdéfense as it restores systems and verifies that all devices are secure. Murray acknowledged that while cyberattacks cannot be fully prevented, rapid detection helped prevent a data breach.
“It’s not 100 per cent preventable,” he said. “It’s an issue of how quickly it spreads versus how quickly we’re able to detect its presence and shut down the system. It’s kind of like pulling the plug.”
The school board said it will provide additional updates as systems are brought back online and the cleanup process continues.
Updated at 4:56 p.m. on Dec. 18.
Correction [Dec. 19, 2025]: Dec. 18 is a Thursday, not a Wednesday.