Nova Scotia Power says customer banking details may have been stolen by hackers

Avatar

Nova Scotia’s largest electric utility said Wednesday that hackers stole sensitive information from customers in a recent cyberattack.

Nova Scotia Power and its Halifax-based parent company Emera discovered on April 25 that an intruder had gained access to parts of its network, prompting the companies to isolate the affected servers.

In an update on Wednesday, Nova Scotia Power said it is still investigating the incident and working to rebuild “impacted systems.” It determined that on March 19, more than a month before discovering the intrusion, customer information was accessed and stolen. The information may have included contact and name information, customer account history — including power consumption and payments — driver’s license details, and Social Insurance numbers. Bank account numbers may also have been accessed, they said. 

The company, which supplies power to about 95% of the province, said it is in the process of notifying affected customers by mail. Emera did not immediately respond to questions about whether the incident involves ransomware and how many customers may have had their data stolen. 

Previously, they said physical operations like power generation and transmission were not affected by the cyberattack. 

The company warned of a rise in impersonation phone calls, texts, social media posts and websites purporting to be from Nova Scotia Power in the wake of the incident, and instructed customers to “remain vigilant” of communications asking for personal information.

IndustryNewsNews BriefsCybercrime
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

James Reddick

has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.

 

Total
0
Shares
Previous Post

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Next Post

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Related Posts

PlayPraetor Reloaded: CTM360 Uncovers a Play Masquerading Party

Overview of the PlayPraetor Masquerading Party Variants CTM360 has now identified a much larger extent of the ongoing Play Praetor campaign. What started with 6000+ URLs of a very specific banking attack has now grown to 16,000+ with multiple variants. This research is ongoing, and much more is expected to be discovered in the coming days.  As before, all the newly discovered play
Avatar
Read More

ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers

The threat actors behind the ClearFake campaign are using fake reCAPTCHA or Cloudflare Turnstile verifications as lures to trick users into downloading malware such as Lumma Stealer and Vidar Stealer. ClearFake, first highlighted in July 2023, is the name given to a threat activity cluster that employs fake web browser update baits on compromised WordPress as a malware distribution vector. The
Avatar
Read More

Pentesters: Is AI Coming for Your Role?

We’ve been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost, Jobs Gained: Workforce Transitions in a Time of Automation, predicting that by 2030, 375 million workers would need to find new jobs or risk being displaced by AI and automation. Queue the anxiety.  There have been ongoing whispers about what roles would be
Avatar
Read More