194/68 Wednesday, May 28, 2025

Nova Scotia Power, a Canadian electric utility company, officially confirmed on May 23, 2025, that it had fallen victim to a ransomware attack. Despite the theft and public exposure of customer data, the company stated that it did not pay any ransom, citing legal considerations related to sanctions and guidance from law enforcement agencies.
The incident was first disclosed by Nova Scotia Power and its parent company Emera on April 28. On May 1, the company acknowledged that threat actors had gained access to some customer data. By May 14, it revealed further details, confirming that compromised information included names, birth dates, phone numbers, email addresses, home addresses, energy usage history, service requests, and payment and credit history. For customers enrolled in pre-authorized payments, the breach also exposed driver’s license numbers, Social Insurance Numbers (SIN), and bank account details.
The company emphasized that the attack did not affect power generation, transmission, or distribution. Nova Scotia Power is working closely with cybersecurity experts to investigate the breach. As of now, no ransomware group has claimed responsibility, and the company’s name has not appeared on any known ransomware leak sites. Notifications are being sent to approximately 280,000 impacted customers, out of a total customer base of 550,000. The incident highlights growing concerns among cybersecurity experts about the vulnerabilities of energy infrastructure, especially amid persistent threats from state-sponsored hacking groups.