Nova Scotia Power has confirmed it was the victim of a sophisticated ransomware attack that began several weeks ago, in which the “threat actor” published stolen data from the utility company’s systems.
“No payment has been made to the threat actor,” Nova Scotia Power said in a May 23 news release. “This decision reflects our careful assessment of applicable sanctions laws and alignment with law enforcement guidance.”
Nova Scotia Power has been working with third-party cybersecurity experts to investigate the incident, which is ongoing, and restore its compromised systems and implement additional security protections, the release says.
Customer information including name, phone number, email address, mailing and services address, utility account information, driver’s licence number, social insurance number, and bank account number may have been compromised in the cyberattack….