Nova Scotia Power

Nova Scotia Power, the largest electric utility in Nova Scotia and a subsidiary of Emera, suffered a cyberattack where hackers infiltrated its network and exfiltrated sensitive customer data. The breach, discovered on **April 25**, traced back to **March 19**, during which attackers accessed and stole personal information, including **names, contact details, customer account histories (power consumption, payments), driver’s license details, Social Insurance numbers (SINs), and potentially bank account numbers**.The company isolated affected systems and is rebuilding them while notifying impacted customers via mail. Though **physical operations (power generation/transmission) remained unaffected**, the incident exposed customers to heightened risks of **impersonation scams** (calls, texts, social media, fake websites) exploiting the stolen data. The attack’s scope—including **SINs and financial details**—poses severe threats of **identity theft, financial fraud, and long-term reputational harm**. Emera has not confirmed whether ransomware was involved or disclosed the exact number of affected customers.

Source: https://therecord.media/nova-scotia-power-data-breach-notice

TPRM report: https://www.rankiteo.com/company/nova-scotia-power

"id": "nov4380043113025",
"linkid": "nova-scotia-power",
"type": "Cyber Attack",
"date": "3/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Energy',
                        'location': 'Nova Scotia, Canada',
                        'name': 'Nova Scotia Power',
                        'size': 'Large (serves ~95% of the province)',
                        'type': 'Electric Utility'},
                       {'industry': 'Energy',
                        'location': 'Halifax, Nova Scotia, Canada',
                        'name': 'Emera',
                        'type': 'Parent Company'}],
 'customer_advisories': 'Notifications sent by mail to affected customers; '
                        'warnings about phishing and scams.',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (includes PII and financial '
                                        'data)',
                 'type_of_data_compromised': ['customer names',
                                              'contact information',
                                              'account history',
                                              'power consumption data',
                                              'payment information',
                                              'driver’s license details',
                                              'Social Insurance numbers',
                                              'bank account numbers '
                                              '(potentially)']},
 'date_detected': '2024-04-25',
 'date_publicly_disclosed': '2024-05-01',
 'description': 'Nova Scotia Power, the largest electric utility in Nova '
                'Scotia, disclosed a cyberattack where hackers stole sensitive '
                'customer information, including names, contact details, '
                'account history, power consumption data, payments, driver’s '
                'license details, Social Insurance numbers, and potentially '
                'bank account numbers. The breach was detected on April 25, '
                '2024, but the data theft occurred on March 19, 2024. The '
                'company is investigating and rebuilding affected systems '
                'while warning customers about impersonation scams.',
 'impact': {'brand_reputation_impact': 'Potential damage due to data breach '
                                       'and impersonation scams',
            'data_compromised': True,
            'identity_theft_risk': 'High (Social Insurance numbers, driver’s '
                                   'license details, and bank account numbers '
                                   'may have been exposed)',
            'operational_impact': 'None (physical operations like power '
                                  'generation and transmission were '
                                  'unaffected)',
            'payment_information_risk': 'High (bank account numbers may have '
                                        'been accessed)',
            'systems_affected': True},
 'initial_access_broker': {'high_value_targets': ['customer databases'],
                           'reconnaissance_period': 'At least from 2024-03-19 '
                                                    'to 2024-04-25 (intrusion '
                                                    'detected ~5 weeks after '
                                                    'initial access)'},
 'investigation_status': 'Ongoing',
 'ransomware': {'data_exfiltration': True},
 'references': [{'source': 'Associated Press (via CBC News)'}],
 'response': {'communication_strategy': 'Notifying affected customers by mail; '
                                        'public warnings about impersonation '
                                        'scams',
              'containment_measures': 'Isolated affected servers',
              'incident_response_plan_activated': True,
              'remediation_measures': 'Rebuilding impacted systems'},
 'stakeholder_advisories': 'Customers advised to be vigilant against '
                           'impersonation scams (phone calls, texts, social '
                           'media, websites).',
 'title': 'Nova Scotia Power Cyberattack and Customer Data Breach',
 'type': ['data breach', 'cyber intrusion']}