Ethical Hacking News
Nova Scotia Power has disclosed a data breach following a March cybersecurity incident that involved the theft of sensitive customer data. The company confirmed that an unauthorized third party had accessed and stolen this information, which includes name, phone number, email address, mailing and service addresses, Nova Scotia Power program participation information, date of birth, and customer account history.
Nova Scotia Power has disclosed a data breach following a cybersecurity incident in March. An unauthorized third party accessed and stole sensitive customer data, including name, phone number, email address, and other personal information. The breach occurred on or around March 19, 2025, after a cyber attack on Nova Scotia Power's IT systems and networks in April. Customers may have also had additional sensitive information stolen, including driver's license numbers and Social Insurance Numbers. The company has notified affected individuals through mailing notices and provided them with free credit monitoring services for two years. The breach highlights the importance of cybersecurity in the energy sector and the need for continuous vigilance among individuals regarding cybersecurity threats.
Nova Scotia Power, a vertically integrated electric utility serving the province of Nova Scotia, Canada, has disclosed a data breach following a cybersecurity incident in March. The breach involved the theft of sensitive customer data, and the company confirmed that an unauthorized third party had accessed and stolen this information.
The incident began with a cyber attack on Nova Scotia Power's IT systems and networks in April. The companies involved, including Emera Inc., a subsidiary of Nova Scotia Power, declared that the security incident did not cause any power outages. However, both companies found unauthorized access to parts of their network on April 25 and shut down affected servers as a response.
The investigation into the breach was ongoing, but it was revealed that the incident occurred on or around March 19, 2025. The attackers gained access to certain customer information stored on impacted servers and later took this data by an unauthorized third party. This data includes sensitive information such as name, phone number, email address, mailing and service addresses, Nova Scotia Power program participation information, date of birth, and customer account history.
For some customers, additional information was also stolen, including driver's license numbers and Social Insurance Numbers. In some cases, bank account numbers for pre-authorized payment were also impacted if these numbers were provided by the customers. The company has notified affected individuals through mailing notices and arranged with TransUnion to provide them with a two-year subscription to a comprehensive credit monitoring service at no cost.
The breach highlights the importance of cybersecurity in the energy sector, where critical infrastructure is often targeted by attackers. Nova Scotia Power's disclosure of the data breach serves as an example of transparency and cooperation between companies and regulatory bodies in addressing security incidents.
Furthermore, the incident demonstrates the need for continuous vigilance and awareness among individuals regarding cybersecurity threats. Nova Scotia Power customers are being warned about phishing scams impersonating the utility to steal data, underscoring the importance of education and training in preventing such incidents.
In light of this breach, it is essential for companies like Nova Scotia Power to prioritize robust security measures, implement effective incident response plans, and engage with regulatory bodies to ensure compliance with relevant standards and best practices. The cybersecurity landscape continues to evolve, and organizations must adapt to address emerging threats and protect sensitive information from unauthorized access.
The disclosure of this data breach by Nova Scotia Power provides valuable insight into the impact of cyber attacks on critical infrastructure and highlights the need for enhanced security measures in the energy sector. As the threat landscape continues to shift, it is crucial that companies like Nova Scotia Power remain proactive in addressing cybersecurity incidents and promoting awareness among their customers.
In conclusion, the data breach disclosed by Nova Scotia Power serves as a wake-up call for the importance of cybersecurity in protecting sensitive information. The incident highlights the need for robust security measures, effective incident response plans, and continued vigilance among individuals to prevent such breaches from occurring in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Nova-Scotia-Power-Discloses-Widespread-Data-Breach-Following-March-Cybersecurity-Incident-ehn.shtml
https://securityaffairs.com/177887/cyber-crime/nova-scotia-power-discloses-data-breach-after-march-security-incident.html
https://www.bleepingcomputer.com/news/security/nova-scotia-power-confirms-hackers-stole-customer-data-in-cyberattack/
Published: Thu May 15 17:22:43 2025 by llama3.2 3B Q4_K_M
