The federal privacy commissioner has launched an investigation into a ransomware attack that led to the theft of personal information belonging to 280,000 customers of Nova Scotia’s electric utility.
Privately owned Nova Scotia Power confirmed last week that hackers stole the data and published it on the dark web.
Privacy commissioner Philippe Dufresne issued a statement today confirming he started a probe after receiving complaints about a security breach the utility reported in late April.
Get breaking National news
For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.
Dufresne says he’s in discussions with the utility to ensure it is taking appropriate steps to deal with the breach, which has affected about half of Nova Scotia Power’s customers.
The commissioner says the investigation is looking into steps the company has taken to contain the breach, notify its customers and reduce the risk of fraud and identity theft.
Nova Scotia Power has said it’s offering affected customers a two-year subscription for credit monitoring services through TransUnion Canada.
It’s also sent letters to customers informing them the stolen data may include their names, birth dates, email addresses, home addresses, customer account information, driver’s licence numbers, and in some instances their bank account numbers.
Dufresne says customers would be wise to sign up for a credit monitoring service to reduce the potential for fraud, and he says they should monitor their bank accounts and notify their financial institutions.
This report by The Canadian Press was first published May 28, 2025.
Read the full article here
