Nova Scotia Power has confirmed it is the victim of a ransomware attack that compromised certain IT systems and led to the online leakage of data from approximately 280,000 customers. The stolen information potentially includes billing details and, for those using autopay, bank account numbers. While ransomware attacks on utilities and critical infrastructure are on the rise, often targeting systems with weaker defences, Nova Scotia Power has confirmed that it did not pay the ransom demanded by the attackers.
The utility, a subsidiary of Emera, provides electricity to over 500,000 customers in Nova Scotia, covering 95% of the market. It generates over 10,000GWh of electricity annually, distributed via a 32,000km network of power transmission lines.
The breach was first identified last month and described as “a cybersecurity incident involving unauthorised access into certain parts of its Canadian network and servers supporting portions of its business applications.” An investigation later pinpointed the attack’s commencement around 19 March 2025.
By 1 May 2025, further investigation revealed that customer data might have been compromised. The company confirmed the exposure of data, including full names, contact details, service addresses, program participation, dates of birth, customer account histories, and sensitive information such as driver’s license numbers, Social Insurance Numbers, and bank account numbers for some customers.
“Today, we are confirming we have been the victim of a sophisticated ransomware attack,” reads Nova Scotia Power’s cyber incident status update. “Since the incident began several weeks ago, Nova Scotia Power has been actively working with the assistance of third-party cybersecurity experts to restore our systems safely and investigate the incident. We have also been working to further strengthen our systems and add additional security protections.”
Nova Scotia Power collaborates with experts to enhance security
Nova Scotia Power said it is working with cybersecurity experts to evaluate the extent of the compromised information. Impacted customers have been notified, receiving detailed information about available resources and support. The utility has arranged with TransUnion to offer a two-year subscription to a comprehensive credit monitoring service at no cost to affected individuals.
Customers are advised to enrol in the TransUnion credit monitoring service and remain vigilant against unsolicited communications. They should avoid clicking on suspicious links or downloading attachments without verifying their authenticity. Nova Scotia Power expressed regret over the incident, emphasising its commitment to protecting customer privacy and information security.
In January this year, energy sector contractor ENGlobal confirmed that a ransomware attack in November last year compromised personal information. The incident, which took place on 25 November 2024, led ENGlobal to take certain systems offline to contain the situation, restricting access to only essential business operations.
Read more: Nova Scotia Power data breach exposes sensitive customer information
