Nova Scotia Power Hack Exposes Customer Information

Nova Scotia Data Breach

Nova Scotia Power has confirmed a cybersecurity breach that resulted in the theft of sensitive customer data. The company detected unauthorized access to its network on April 28, 2025. Although electricity supply remained unaffected, internal operations experienced disruptions during the incident response.

Further investigation revealed that threat actors stole personal data, affecting a portion of the utility’s 500,000+ customers. The breach occurred on March 19, but affected individuals only began receiving notifications by mail in May.

Scope of the Data Breach

The exposed data includes a wide range of customer information:

  • Full name, email, and phone number
  • Mailing and service addresses
  • Power usage and billing history
  • Service requests and credit records
  • Program participation details
  • Date of birth and customer correspondence
  • Driver’s license and Social Insurance Numbers
  • Bank account details (for some individuals)

Although no signs of data misuse have emerged, the scale of the breach has raised serious privacy concerns.

Company Response and Customer Support

To mitigate the risk, Nova Scotia Power partnered with TransUnion to offer two years of free credit monitoring to impacted individuals. Notifications are currently being mailed, outlining support resources and protective measures customers can take.

“While we’ve found no evidence of identity theft, we’re taking proactive steps to safeguard our customers,” the company stated in its update. The incident also prompted immediate enhancements to security protocols and system monitoring.

Delayed Detection Raises Questions

The breach took place in mid-March but remained undiscovered until late April. This nearly six-week delay meant that customers remained unaware of the risks for an extended period. Transparency efforts are now underway, although critics question why disclosure took so long.

No Ransomware Claims—Yet

As of now, no ransomware group has claimed responsibility for the attack. However, cybersecurity experts warn that stolen data could still be used in phishing or identity fraud schemes. Customers should remain cautious, especially if contacted by individuals posing as utility staff.

Nova Scotia Power emphasized that it will continue working with external security firms to trace the breach’s origin and strengthen defenses against future threats.

Facebook
X
LinkedIn
Picture of Fredrik Bjoerklund
Fredrik Bjoerklund
Fredrik Björklund serves as the CEO of Eye World, bringing with him over two decades of experience in internet-based industries. With a strong background in Internet and Cybersecurity, Fredrik is recognized as a seasoned expert in digital risk management, online infrastructure, and the ever-evolving cybersecurity landscape. His deep understanding of the digital world positions him as a trusted voice in the industry. As part of his leadership role, Fredrik will take an active position in curating and reporting on global cybersecurity developments. He will regularly update the Eye News Section with the latest insights, emerging threats, and critical updates in the cybersecurity domain, ensuring readers are well-informed in an increasingly digital and vulnerable world.

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2025 Eye World AB

Linkedin Youtube

Products

Industries

Knowledge

About Us