CyberSecurity news
FlagThis
@x.com
//
Nova Scotia Power confirmed a significant cybersecurity breach in April 2025, revealing that hackers successfully stole sensitive customer data. The breach, discovered on April 25, 2025, exposed a range of personal and financial information belonging to the utility's customers. Details compromised include names, contact details, service and billing addresses, dates of birth, power consumption data, and account histories. In some instances, more sensitive data such as driver’s license numbers, Social Insurance Numbers, and bank account information were also accessed by the threat actors.
Nova Scotia Power swiftly responded to the incident by shutting down and isolating the affected servers to prevent further unauthorized access. The company activated its incident response team and engaged third-party cybersecurity experts to contain the breach and restore systems securely. Customers whose data was compromised are being notified directly via letters containing specific details and instructions on how to protect their personal information. The utility emphasizes that while the incident impacted its network and servers, electricity generation, transmission, and distribution facilities were not affected.
To mitigate the potential impact of the data theft, Nova Scotia Power is offering affected customers a complimentary two-year subscription to TransUnion’s myTrueIdentity® credit monitoring service. This service is designed to help customers safeguard against potential identity theft or fraud. The company is urging customers to remain vigilant against fraudulent communications and to take necessary steps to protect their personal and financial information. The cyberattack serves as a wake-up call for infrastructure security, highlighting the vulnerabilities faced by critical infrastructure providers and the urgent need for robust cybersecurity measures.
References :
Nova Scotia Power swiftly responded to the incident by shutting down and isolating the affected servers to prevent further unauthorized access. The company activated its incident response team and engaged third-party cybersecurity experts to contain the breach and restore systems securely. Customers whose data was compromised are being notified directly via letters containing specific details and instructions on how to protect their personal information. The utility emphasizes that while the incident impacted its network and servers, electricity generation, transmission, and distribution facilities were not affected.
To mitigate the potential impact of the data theft, Nova Scotia Power is offering affected customers a complimentary two-year subscription to TransUnion’s myTrueIdentity® credit monitoring service. This service is designed to help customers safeguard against potential identity theft or fraud. The company is urging customers to remain vigilant against fraudulent communications and to take necessary steps to protect their personal and financial information. The cyberattack serves as a wake-up call for infrastructure security, highlighting the vulnerabilities faced by critical infrastructure providers and the urgent need for robust cybersecurity measures.
Share:
References :
- Talkback Resources: Nova Scotia Power experienced a cybersecurity breach resulting in the theft of customers' personal and financial data, prompting the company to offer free credit monitoring services as a precaution.
- thecyberexpress.com: Cyberattack Hits Nova Scotia Power: Customer Data Compromised
- The DefendOps Diaries: Details
- BleepingComputer: Nova Scotia Power confirms hackers stole customer data in cyberattack
Classification:
- HashTags: #DataBreach #CyberAttack #CustomerData
- Company: Nova Scotia Power
- Target: Customers of Nova Scotia Power
- Product: Nova Scotia Power IT Systems
- Feature: Unauthorized Access
- Type: DataBreach
- Severity: Major