Nova Scotia Power says customer banking details may have been stolen by hackers

Avatar

Nova Scotia’s largest electric utility said Wednesday that hackers stole sensitive information from customers in a recent cyberattack.

Nova Scotia Power and its Halifax-based parent company Emera discovered on April 25 that an intruder had gained access to parts of its network, prompting the companies to isolate the affected servers.

In an update on Wednesday, Nova Scotia Power said it is still investigating the incident and working to rebuild “impacted systems.” It determined that on March 19, more than a month before discovering the intrusion, customer information was accessed and stolen. The information may have included contact and name information, customer account history — including power consumption and payments — driver’s license details, and Social Insurance numbers. Bank account numbers may also have been accessed, they said. 

The company, which supplies power to about 95% of the province, said it is in the process of notifying affected customers by mail. Emera did not immediately respond to questions about whether the incident involves ransomware and how many customers may have had their data stolen. 

Previously, they said physical operations like power generation and transmission were not affected by the cyberattack. 

The company warned of a rise in impersonation phone calls, texts, social media posts and websites purporting to be from Nova Scotia Power in the wake of the incident, and instructed customers to “remain vigilant” of communications asking for personal information.

IndustryNewsNews BriefsCybercrime
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

James Reddick

has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.

 

Total
0
Shares
Previous Post

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Next Post

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Related Posts

Between Buzz and Reality: The CTEM Conversation We All Need

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have asked for a better kickoff panel: three cybersecurity leaders who don’t just talk security, they live it. Let me introduce them. Alex Delay, CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead, Director of Cybersecurity at Avidity
Avatar
Read More

Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks

Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. "Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections
Avatar
Read More