Nova Scotia Power discloses data breach after March security incident

Nova Scotia Power confirmed a data breach involving the theft of sensitive customer data after the April cybersecurity incident.

Nova Scotia Power Inc. is a vertically integrated electric utility serving the province of Nova Scotia, Canada. Headquartered in Halifax, it is a subsidiary of Emera Inc. The company provides electricity to over 500,000 residential, commercial, and industrial customers across the province. Its operations encompass generation, transmission, and distribution of electricity, utilizing a diverse mix of energy sources including coal, natural gas, hydroelectric, wind, tidal, oil, and biomass. Nova Scotia Power manages approximately $5 billion in assets and produces more than 10,000 gigawatt-hours of electricity annually.

In April, Nova Scotia Power and Emera faced a cyber attack that has impacted their IT systems and networks. Both companies declared that the security incident did not cause any power outages. 

At this time, no ransomware group has claimed responsibility yet.

On April 25, both companies found unauthorized access to parts of their network. In response to the intrusion, the companies shut down affected servers, disrupting IT systems, including customer support lines and the online portal. As of April 28, they were still working to restore services, and confirmed that the incident did not “impact on their ability to provide safe, reliable power to their customers.

Emera confirmed no disruption to its Canadian operations, including Nova Scotia Power, and no impact on U.S. or Caribbean utilities.

The companies did not share technical details about the attack, however, experts speculate they have been targeted in a ransomware attack.

This week, the company disclosed a data breach after the April security incident and revealed that threat actors stole sensitive customer data. The investigation is still ongoing, however the cryptocurrency exchange has already determined that the incident occurred on or around March 19, 2025. Attackers gained access to certain customer information stored on the some servers and later taken by an unauthorized third party.

“While the investigation remains ongoing, we have determined that on or around March 19, 2025, certain customer information stored on the impacted servers was accessed and later taken by an unauthorized third party.” reads the update published by the company on May 14, 2025. “Notifications are in the process of being mailed to impacted account holders, which includes detailed information about resources and support. While we have no evidence of misuse of your personal information, as a precaution, arrangements have been made with the consumer reporting agency, TransUnion, to provide impacted individuals with a two-year subscription to a comprehensive credit monitoring service (TransUnion myTrueIdentity®) at no cost.“

The impacted personal information varies by customer and could include different types depending on what each customer provided, including name, phone number, email address, mailing and service addresses, Nova Scotia Power program participation information, date of birth, and customer account history (such as power consumption, service requests, customer payment, billing, and credit history, and customer correspondence), driver’s license number, and Social Insurance Number. For some of our customers, bank account numbers (for pre-authorized payment) may also have been impacted, if this information was provided by these customers.

Nova Scotia Power customers are warned about phishing scams impersonating the utility to steal data.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)