Nova Scotia Energy confirms it suffered an information breach after menace actors stole delicate buyer information in a cybersecurity incident found final month.
Nova Scotia Energy, a subsidiary of Emera Inc., is a big utility in Canada. It serves over 500,000 residential, industrial, and industrial clients in Nova Scotia, holding 95% of the market share.
It generates over 10,000 GWh of vitality yearly, distributed by means of an in depth community of energy strains extending for 32,000 kilometers (20,000 miles).
On April 28, 2025, the corporate introduced that it had found unauthorized entry into sure elements of its community and servers supporting its enterprise.
Though there was no influence on the corporate’s electrical energy manufacturing and distribution, the incident response efforts disrupted inside operations.
Additional investigations revealed on Might 1, 2025, that buyer data might need been stolen. An replace revealed yesterday confirmed this earlier discovering, specifying the next information was uncovered:
- Full identify
- Cellphone quantity
- E-mail deal with
- Mailing and repair addresses
- Nova Scotia Energy program participation data
- Date of beginning
- Buyer account historical past (energy consumption, service requests, buyer fee, billing, credit score historical past, and buyer correspondence)
- Driver’s license quantity
- Social Insurance coverage Quantity
- Checking account numbers (for some clients)
Additionally, the corporate discovered that the precise breach occurred sooner than initially anticipated, on March 19, 2025, which implies that practically two months had handed by the point affected clients have been knowledgeable by way of notices mailed to their addresses.
Nova Scotia Energy says there aren’t any indicators the stolen information has been misused, however it can present two years of credit score monitoring service protection to letter recipients to mitigate the dangers.
“Notifications are within the means of being mailed to impacted account holders, which incorporates detailed details about assets and assist,” reads the incident standing replace.
“Whereas we have now no proof of misuse of your private data, as a precaution, preparations have been made with the patron reporting company, TransUnion, to supply impacted people with a two-year subscription to a complete credit score monitoring service for gratis.”
Prospects of Nova Scotia Energy are suggested to stay vigilant for phishing makes an attempt, together with instances of menace actors impersonating the utility to trick folks into making a gift of delicate information.
On the time of writing, no ransomware gangs have assumed duty for the assault at Nova Scotia Energy.
Primarily based on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK methods behind 93% of assaults and learn how to defend towards them.
