On April 25, 2025, Canadian electric utility Nova Scotia Power and its parent company Emera reported a significant cybersecurity incident involving unauthorized access to parts of their Canadian network and servers supporting business applications. The breach disrupted IT systems, including the utility’s customer care phone line and online portal. However, there were no power outages reported, and physical operations, such as generation, transmission, and distribution facilities, remained unaffected.
In response to the attack, the companies promptly activated their incident response and business continuity protocols, engaged leading third-party cybersecurity experts, and took actions to contain and isolate the affected servers to prevent further intrusion. Law enforcement officials have been notified, and the companies are investigating whether any customer or confidential business information was compromised.
As of April 28, 2025, Nova Scotia Power has been working on restoring impacted systems, but no further updates have been provided. The companies have not disclosed whether the attack was a ransomware incident, and no known ransomware group has taken credit for the intrusion.
This incident highlights the increasing threat of cyberattacks on critical infrastructure and the importance of robust cybersecurity measures to protect essential services. The companies’ swift response and collaboration with cybersecurity experts and law enforcement demonstrate a commitment to safeguarding their operations and customer data.
For more information, visit the official websites of Nova Scotia Power and Emera:
Stay informed about cybersecurity threats and best practices to protect yourself and your organization.