Nova Scotia Power Confirms Ransomware Attack Following Data Breach
Almost a month after alerting customers about a cyberattack, Nova Scotia Power has now confirmed it is dealing with a ransomware incident.
The breach was initially disclosed on April 28 by the Canadian utility and its parent company, Emera. By May 1, the companies acknowledged that hackers had accessed some customer data.
In a follow-up notice issued on May 14, Nova Scotia Power revealed that compromised information includes names, dates of birth, phone numbers, email addresses, mailing and service addresses, power usage details, service requests, and billing, payment, and credit history.
Hackers also obtained sensitive data such as Social Insurance Numbers, driver’s license numbers, and bank account details provided for pre-authorized payments.
The company stressed that electricity generation, transmission, and distribution services were not affected by the attack.
In its most recent update posted on May 23, Nova Scotia Power described the incident as a “sophisticated ransomware attack” and confirmed that no ransom payment had been made. This decision was based on legal considerations and guidance from law enforcement.
The utility also noted that stolen data has been published online. Cybersecurity specialists are now investigating the extent of the breach. Out of roughly 550,000 customers, about 280,000 are being notified about the data exposure.
Security experts have long warned about vulnerabilities in power grids. These warnings have been validated by real-world incidents involving state-sponsored hackers who have targeted energy infrastructure to disrupt services or conduct espionage.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
