In a concerning development, Nova Scotia Power has confirmed that it has fallen victim to a ransomware attack, with sensitive data of approximately 280,000 customers now published on the dark web. While the utility had previously reported an incident in late April, the breach was determined to have occurred much earlier, on or around March 19.
"This is a very sophisticated threat actor," stated Peter Gregg, the utility's president and CEO. Despite receiving a ransom request from the perpetrators, Nova Scotia Power has opted not to pay. "Based on expert advice, including law enforcement at all levels, we made the decision to ... we have not paid," Gregg clarified.
"This is a very sophisticated threat actor,"
Looking Ahead
With cybersecurity experts now collaborating with the company, the focus is on conducting a thorough investigation into the breach to bolster future defenses. "While cybersecurity protections are in place, we are actively working to understand the breach and strengthen our systems," said Gregg, emphasizing the importance of learning from this incident. He assured the public that the operational side of the business was not impacted by this cyber event.
"While cybersecurity protections are in place, we are actively working to understand the breach and strengthen our systems,"
By the Numbers
By the Numbers
By the Numbers
Following the breach, customers began receiving personalized letters that informed them of unauthorized access to their information. The content of these letters raised concerns as they indicated that the stolen data may include names, phone numbers, email addresses, mailing addresses, dates of birth, account histories, driver's licenses, social insurance numbers, and bank account numbers. "We know if you're receiving one of those notices from us, we know you're concerned and we apologize for that," Gregg expressed.
"We know if you're receiving one of those notices from us, we know you're concerned and we apologize for that,"
As a precautionary measure, Nova Scotia Power is offering affected customers a complimentary credit monitoring service with TransUnion for two years. The company also encourages vigilance among its customers regarding unsolicited communications, warning them to be wary of any emails, texts, social media posts, or phone calls that request personal information.
Career Journey
Cybersecurity expert Claudiu Popa, the CEO of Datarisk Canada, has weighed in on the incident, urging Nova Scotia Power to be more transparent about the breach. "It doesn't actually say, you know what, we were the custodians of that information, which we asked you to provide to us," Popa remarked. He believes that the notification letters sent to customers should be more detailed, specifically tailored to each individual, and clearly outline what information was compromised.
"It doesn't actually say, you know what, we were the custodians of that information, which we asked you to provide to us,"
Given the extensive data stolen, Popa warned that the hackers could exploit it in numerous ways, leading to an 'infinity of scenarios that could possibly victimize someone'. This could include account takeovers or applications for loans and mortgages under false identities.
Looking Ahead
In light of this incident, Nova Scotia Power maintains that they are committed to restoring and enhancing their systems to prevent future breaches. While immediate actions are being taken, the broader implications of such a data breach highlight the ongoing challenges organizations face in safeguarding sensitive customer information in today's digital landscape.
The aftermath of this ransomware attack serves as a reminder of the vulnerability that can affect even large utility companies and the importance of robust cybersecurity measures. As Nova Scotia Power works to recover from this event, customers and cybersecurity analysts alike will be watching closely to see how the utility adapts its strategies to better protect sensitive data.