Nova Scotia Power Cyberbreach Affected More Than 900,000 Current and Former Customers
None
<h2><b>What happened</b></h2><p class="p3">A <span class="s2">Nova Scotia Power</span> cyberbreach affected more than 900,000 current and former customers, prompting new commitments on data deletion and external security review. The <span class="s2">Office of the Privacy Commissioner of Canada</span> said <span class="s2">Nova Scotia Power</span> pledged to delete all customer social insurance numbers from its systems by the end of the month and submit an external security assessment by Oct. 31. The commissioner said the breach began after a <span class="s2">Nova Scotia Power</span> employee clicked a link in a pop-up on a website compromised by <span class="s2">SocGholish</span> malware on or around March 19, 2025. The malware gave a threat actor access to the network. Between April 8 and 22, the actor deployed additional malware and exfiltrated data from network files and cloud storage. On April 25, the actor destroyed backups and deployed malware.<span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span></p><h2><b>Who is affected</b></h2><p class="p3">The direct exposure affects roughly 375,000 current customers and 540,000 former customers of <span class="s2">Nova Scotia Power</span>. Potentially compromised personal information included names, phone numbers, email addresses, driver’s licence numbers, birth dates, and social insurance numbers.<span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span></p><h2><b>Why CISOs should care</b></h2><p class="p3">This incident has immediate operational and governance relevance because it combined employee-driven initial access, data exfiltration, backup destruction, and internal system disruption. It also triggered regulatory scrutiny, external assessment commitments, and service issues that affected billing operations even though energy generation and delivery were not disrupted.<span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span></p><h2><b>3 practical actions</b></h2><ol> <li class="p3"><span class="s2"><b>Remove obsolete sensitive data:</b></span> Eliminate retained high-risk identifiers that no longer serve an active business purpose, as <span class="s2">Nova Scotia Power</span> has now committed to do with customer social insurance numbers.<span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span></li> <li class="p3"><span class="s2"><b>Validate backup resilience under attack:</b></span> Test whether backups can withstand destructive attacker activity, since the threat actor in this incident destroyed backups before malware deployment.<span class="Apple-converted-space"> </span></li> <li class="p3"><span class="s2"><b>Treat notification readiness as a control:</b></span> Review breach notification processes and decision-making because the external assessment will specifically examine the effectiveness of how affected people were notified.<span class="Apple-converted-space"> </span></li> </ol><p><i>For more coverage of major security incidents affecting organizations worldwide, explore our reporting on </i><a href="https://cisowhisperer.com/tag/data-breach/"><span class="s2"><b><i>Data Breaches</i></b></span></a><i>.</i></p><p>The post <a rel="nofollow" href="https://cisowhisperer.com/nova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers/">Nova Scotia Power Cyberbreach Affected More Than 900,000 Current and Former Customers</a> appeared first on <a rel="nofollow" href="https://cisowhisperer.com/">CISO Whisperer</a>.</p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2026/03/nova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers/" data-a2a-title="Nova Scotia Power Cyberbreach Affected More Than 900,000 Current and Former Customers"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F03%2Fnova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers%2F&linkname=Nova%20Scotia%20Power%20Cyberbreach%20Affected%20More%20Than%20900%2C000%20Current%20and%20Former%20Customers" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F03%2Fnova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers%2F&linkname=Nova%20Scotia%20Power%20Cyberbreach%20Affected%20More%20Than%20900%2C000%20Current%20and%20Former%20Customers" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F03%2Fnova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers%2F&linkname=Nova%20Scotia%20Power%20Cyberbreach%20Affected%20More%20Than%20900%2C000%20Current%20and%20Former%20Customers" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F03%2Fnova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers%2F&linkname=Nova%20Scotia%20Power%20Cyberbreach%20Affected%20More%20Than%20900%2C000%20Current%20and%20Former%20Customers" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F03%2Fnova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers%2F&linkname=Nova%20Scotia%20Power%20Cyberbreach%20Affected%20More%20Than%20900%2C000%20Current%20and%20Former%20Customers" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://cisowhisperer.com">CISO Whisperer</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Evan Rowe">Evan Rowe</a>. Read the original post at: <a href="https://cisowhisperer.com/nova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers/?utm_source=rss&utm_medium=rss&utm_campaign=nova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers">https://cisowhisperer.com/nova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers/?utm_source=rss&utm_medium=rss&utm_campaign=nova-scotia-power-cyberbreach-affected-more-than-900000-current-and-former-customers</a> </p>