Nova Scotia Energy has revealed {that a} latest ransomware assault has prevented buyer meter readings from being recorded, impacting billing costs.
The Canadian utilities supplier mentioned that after initially pausing billing, it’s now sending most prospects estimated payments till its programs are restored.
“For the reason that cyber incident found on April 25, energy meters have continued to perform and collect correct vitality utilization information from houses and companies throughout the province. Nevertheless, because of the cyber incident, the meters haven’t been capable of talk that information to our programs,” the corporate wrote in an incident replace on July 8.
The corporate is constant to work with exterior cybersecurity specialists to revive programs safely and securely.
Attackers Accessed Buyer Knowledge, Together with Financial institution Particulars
An investigation into the incident revealed that an unauthorized third-party accessed and exfiltrated buyer information on sure Nova Scotia Energy servers round March 19, 2025.
No particulars have been offered on how the attackers gained entry to elements of the agency’s community and servers.
On June 6, the agency notified authorities that roughly 280,000 Canadian-based prospects have been impacted by the breach.
The data breached might embrace extremely delicate private and monetary particulars, together with:
- Names, dates of beginning, telephone numbers, e-mail addresses, mailing and repair addresses, driver’s license quantity and Canadia Social Insurance coverage quantity
- Nova Scotia Energy program participation info and buyer account historical past, together with billing and credit score historical past
- Some prospects’ checking account numbers may have been impacted if this info was offered
The kind of impacted info varies by particular person buyer.
Nova Scotia Energy has warned that among the accessed info has been printed to the darkish net. It’s at present unclear which menace group is behind the assault and leak.
The vitality agency is increasing credit score monitoring companies to these impacted. Additionally it is urging prospects to remain vigilant for social engineering assaults amid a rise in fraudulent telephone, textual content, social media posts and web sites posing as Nova Scotia Energy.
Nova Scotia Energy Resists Attacker Calls for
The agency disclosed on Might 23 that the incident was a complicated ransomware assault.
“No cost has been made to the menace actor. This resolution displays our cautious evaluation of relevant sanctions legal guidelines and alignment with regulation enforcement steerage,” the corporate wrote.
Learn now: M&S Chair Particulars Ransomware Assault, Declines to Verify if Cost Was Made
Utility suppliers have confronted surging ransomware threats. A ReliaQuest report in December 2024 discovered that the business was hit by a 42% surge in ransomware assaults over the earlier 12 months.
