Nova Scotia Power has confirmed that it was targeted in a sophisticated ransomware attack, resulting in the theft of sensitive customer information. The breach, first detected on April 25, 2025, led to unauthorized access to parts of the company’s Canadian network and business application servers. While the company has not disclosed the specific ransomware group responsible, it has stated that no payment was made to the attackers, aligning with law enforcement guidance and applicable sanctions laws. (gbhackers.com)
The compromised data includes personal details such as names, dates of birth, contact information, service addresses, billing and payment histories, and, in some cases, sensitive information like driver’s license numbers, Social Insurance Numbers, and bank account details. Approximately 280,000 customers have been notified of the breach. Despite the breach, Nova Scotia Power emphasized that there was no disruption to electricity generation, transmission, or distribution services. (SecurityWeek)
The company has engaged third-party cybersecurity experts to assess the scope of the breach and is working closely with law enforcement agencies. Customers are advised to be vigilant against phishing attempts and suspicious communications. For more information and updates, affected individuals can visit the official Nova Scotia Power website.(SecurityWeek)
Source: SecurityWeek, Emera Inc. Press Release
