- Nova Scotia Power reported a cyber incident in March 2025
- Critical customer data, such as names, Social Security Numbers, and potential banking details, were compromised
- Customers impacted will receive free identity theft monitoring
Nova Scotia Power, a leading electricity provider in Canada, has come forward to acknowledge a troubling cyberattack that compromised a wealth of sensitive customer information. The company released a statement on its website detailing the incident, which has raised significant concerns among its clientele.
The breach was originally noted in April 2025, prompting a swift response from the company. While operations remained largely unaffected, there had been ongoing efforts to restore affected IT systems. Their willingness to communicate openly about the situation is noteworthy; in the face of such events, a lack of clarity can often heighten fear rather than soothe it.
Investigations revealed that the breach occurred on March 19, 2025, ultimately affecting a wide array of personal data. The compromised information includes names, contact numbers, email addresses, as well as physical addresses. In a more alarming revelation, birth dates, account histories, and even driver’s license numbers along with Social Insurance Numbers were part of the stolen data.
No Evidence of Misuse Found
“In certain cases, bank account details tied to automatic payments might also have come under threat based on customers’ disclosures,” the company indicated.
This specific element is particularly unsettling; it has the potential to facilitate incidents of fraud and other criminal activities. While the stolen data could be weaponized in various unscrupulous ways, the prospect of financial fraud stemming from compromised banking details is especially disconcerting.
Despite the gravity of the cyber breach, Nova Scotia Power provided reassurance by stating that they have yet to find any evidence indicating the stolen data has been exploited. They are also acting proactively by offering impacted customers a complimentary two-year subscription to a robust credit monitoring service—an essential tool in navigating these uncertain circumstances.
In their efforts to address the situation, the company is reaching out to affected customers, although they have not specified the total number impacted. So far, no hacker group has publicly taken responsibility for this breach, leading to a sense of unease about potential ongoing vulnerabilities.
In light of this disturbing event, customers are strongly advised to stay vigilant, especially when receiving unsolicited emails or phone calls from purported representatives of Nova Scotia Power. Maintaining caution is crucial in safeguarding personal information amidst a digital environment rife with threats.
Via BleepingComputer
