Latest news with #cyberbreach
CBC
7 days ago
- Business
- CBC
Nova Scotia Power customers handed 'to-do list' after ransomware attack
Some people notified by Nova Scotia Power that their information was stolen in a cyber breach are becoming frustrated trying to navigate the situation, saying it's difficult to get through to their banks and the credit monitoring system that's been recommended. Nova Scotia Power announced the security breach in late April and confirmed last week it was the victim of a ransomware attack affecting about 280,000 customers in Nova Scotia. Letters to affected customers began rolling out last week and the company said it is working with experts to restore its systems and improve security. "I'm unsure of the apology from Nova Scotia Power. It feels like really, the responsibility is back on the consumer," said Brian Yee, a retired teacher in Halifax, who recently received a letter from the utility. "What are the items that they're putting in place to ensure that this doesn't occur?" Yee was eventually sent a temporary password to validate a credit monitoring account, but is still irked he is having to take these steps. He's had to spend a lot of time on the phone on hold while trying to get in touch with the credit monitoring agency TransUnion. "So other than here's your to-do list of what to do, I find that frustrating. You know, many folks wouldn't have the time. I'm retired so I can sit on the phone if needed, but if you're working, that would be super challenging to do." Yee said he doesn't feel Nova Scotia Power has provided enough direction to its customers and questioned whether the offered two years of credit monitoring is adequate. "It's still not resolved. And so I guess my question is how much more work is this going to be? And the fact that there is really nothing from Nova Scotia Power saying that this is our followup with you," he said. 'It was a terrible feeling' Diane Newman-Betts, also from Halifax, has spent the last 12 days scrambling to figure out how $30,000 disappeared from her and her husband Michael's bank account. "It was a terrible feeling, we were both really sick to our stomachs the last week and a half. It was awful," she said. Newman-Betts said she noticed two suspicious transactions on her Manulife bank account on May 15: one was $500 from her credit card and another was a $30,000 amount going on a TD line of credit. "We don't deal with TD at all, so I knew that it was not us or that something was wrong and I think myself what they did is they went in with the first amount and realized it worked and so then they went back in for the money," Newman-Betts told CBC News. Then the letter from Nova Scotia Power arrived. "For this to happen to us and then have the letter arrive — that is when we connected it all. It had to be that. There is no other reason," she said. Newman-Betts said she can't be sure it happened because of the ransomware attack, but she did learn her bank will be putting the missing money back into her account. Manulife released a statement saying it takes all reports of unauthorized activity seriously and protecting clients remains a top priority. Nova Scotia Power did not provide any update on the ransomware attack on Tuesday.
CBC
14-05-2025
- Business
- CBC
Nova Scotia Power notifying customers whose data was affected by cyber breach
Nova Scotia Power says it has begun to notify customers whose data was compromised in a cyber breach that was first discovered last month. In an update posted to the utility's website on Wednesday, Nova Scotia Power said customer information, which may include addresses, phone numbers, birth dates, driver's license and social insurance numbers, and banking information, was taken by an "unauthorized third party" that accessed its systems. Information taken will vary depending on what information had been provided to the utility by each customer, it said. Nova Scotia Power said while it has no evidence the data has been misused, it has arranged to have TransUnion provide affected individuals with a free, two-year subscription to a credit monitoring service. The utility said it's working with cybersecurity experts to determine the extent of the breach, and to safely restore and rebuild the systems that were compromised. While the breach was first discovered on April 25, Nova Scotia Power said it has since determined that customer information was accessed and taken "on or around March 19, 2025." Nova Scotia Power has been working to get the situation under control by pausing billing and shutting down its online customer portal MyAccount. No services have been disrupted as a result of the incident, the company said, and late fees have been paused. Nova Scotia Power said it may take several business days for those affected to be notified by mail. The notice will include a phone number customers can call to ask further questions and to register for the credit monitoring service. The utility says customers should be vigilant about any unsolicited communications they receive claiming to be from Nova Scotia Power that ask for personal information. If you don't receive a notice in the mail, it means Nova Scotia Power has determined that, at this time, your personal data has not been impacted by the breach. While some experts have , the company has said it won't speculate as an investigation is ongoing.
CBC
06-05-2025
- Business
- CBC
Cyber breach reverberates at Nova Scotia Power more than a week later
Nova Scotia Power is remaining tight-lipped about the details of a cyber breach that has forced the company to pause billing and led to the shutdown of its online customer portal, and hasn't said what other systems within the utility have been disrupted. It's been more than a week since the utility, which provides electricity to more than half a million residential, commercial and industrial customers in Nova Scotia, said it first detected, on April 25, unauthorized access into parts of its network and servers. The company has noted major billing and customer service issues, and warned the personal information of some customers has been taken, but it won't confirm whether systems such as payroll have been impacted, although a spokesperson said all employees continue to be paid. "This is very much an active investigation," spokesperson Kathryn O'Neill said in an email. "We cannot speculate or share unverified information while the investigation is ongoing in collaboration with external cybersecurity experts." The International Brotherhood of Electrical Workers Local 1928, the union that represents about 1,000 Nova Scotia Power employees, said in a social media post it is aware of the possibility of issues with overtime pay. Business manager Jim Sponagle told CBC News the union is asking employees to be patient as the company works through the breach. Ransomware attack? Julien Richard, the vice-president of information security for Lastwall, a Fredericton-based cybersecurity firm not involved in the Nova Scotia Power case, said with few details released by the utility, it is tough to know what happened. There are a number of scenarios, he said. In some cases, countries hostile to the West try to infiltrate critical infrastructure such as energy companies, both to observe their inner workings without being detected and to gain the ability to shut down networks if they later choose. But given the disruption facing the business side of Nova Scotia Power, and not the electrical grid network, Richard said it's more likely the company has been hit by a ransomware attack or some other kind of incursion motivated by financial gain. Ransomware typically prevents a person or a company from accessing computer files and systems, with criminals then demanding a ransom before they will return access. Nova Scotia Power has refused to say whether it believes it is the victim of a ransomware attack. Richard said those behind the breach may be solely responsible for the disruptions at Nova Scotia Power, but there's also the possibility IT administrators decided to shut down some systems to "contain the blast radius of this attack." 'Worst moments of their careers' The utility has made clear the cyber breach has not disrupted electricity generation, transmission or distribution facilities, or harmed the company's ability to deliver power to customers. Richard said power companies typically keep their business networks separate from those that run their grids, and in Nova Scotia Power's case, it's "definitely a win" that those behind the breach were apparently not able to jump from one to the other. One of the reasons so little information has been released is the company might not know yet exactly what happened, he said, and digital forensics can take a "long time." It's also likely those behind the attack are still lurking in the system. "It's important to say that we need to be patient with the folk that work there," he said. "They're probably going through the worst moments of their careers. "I can guarantee you that some of them are probably sleeping there under their desks and working." Rebecca Brown, a spokesperson for the province's utility regulator, the Nova Scotia Energy Board, said in an email there's not yet a formal proceeding opened, "but that will come." Such a proceeding could review the cause of the incident and Nova Scotia Power's response, the impact on the utility and ratepayers, including on customer data, compliance with reliability standards, and recommendations. Seniors could be targeted Claudiu Popa, the CEO of cybersecurity company Datarisk Canada, said the cyber breach appears to be "fairly serious," and is potentially an extortion attempt. Generally, he said, the ransomware "makes itself known" once the information criminals are after has been stolen. The language Nova Scotia Power has used — that "unusual activity" was detected — suggests that's the case. He said the theft of financial information can often be "rectified rapidly" by banks so long as customers report it quickly. More difficult to fix is identity fraud. Both Popa and Richard warned that customers should be wary if they receive calls or emails purporting to be from Nova Scotia Power. Popa said seniors in particular are targeted because criminals perceive them to have more disposable income and assets. Information Morning.
