Nova Scotia Energy confirms it suffered a data breach after risk actors stole delicate buyer information in a cybersecurity incident found final month.
Nova Scotia Energy, a subsidiary of Emera Inc., is a big utility in Canada. It serves over 500,000 residential, industrial, and industrial prospects in Nova Scotia, holding 95% of the market share.
It generates over 10,000 GWh of power yearly, distributed by way of an in depth community of energy strains extending for 32,000 kilometers (20,000 miles).
On April 28, 2025, the corporate introduced that it had found unauthorized entry into sure components of its community and servers supporting its enterprise.
Though there was no affect on the corporate’s electrical energy manufacturing and distribution, the incident response efforts disrupted inner operations.
Additional investigations revealed on Could 1, 2025, that buyer data might need been stolen. An replace printed yesterday confirmed this earlier discovering, specifying the next information was uncovered:
- Full identify
- Telephone quantity
- E-mail handle
- Mailing and repair addresses
- Nova Scotia Energy program participation data
- Date of beginning
- Buyer account historical past (energy consumption, service requests, buyer fee, billing, credit score historical past, and buyer correspondence)
- Driver’s license quantity
- Social Insurance coverage Quantity
- Checking account numbers (for some prospects)
Additionally, the corporate discovered that the precise breach occurred sooner than initially anticipated, on March 19, 2025, which signifies that practically two months had handed by the point affected prospects have been knowledgeable by way of notices mailed to their addresses.
Nova Scotia Energy says there aren’t any indicators the stolen information has been misused, however it’ll present two years of credit score monitoring service protection to letter recipients to mitigate the dangers.
“Notifications are within the strategy of being mailed to impacted account holders, which incorporates detailed details about assets and help,” reads the incident standing replace.
“Whereas we’ve got no proof of misuse of your private data, as a precaution, preparations have been made with the patron reporting company, TransUnion, to offer impacted people with a two-year subscription to a complete credit score monitoring service without charge.”
Clients of Nova Scotia Energy are suggested to stay vigilant for phishing makes an attempt, together with circumstances of risk actors impersonating the utility to trick folks into giving freely delicate information.
On the time of writing, no ransomware gangs have assumed accountability for the assault at Nova Scotia Energy.
Primarily based on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK strategies behind 93% of assaults and defend in opposition to them.
