Canada's Nova Scotia Power, the region’s leading electrical supplier, announced it is “actively responding” to a cybersecurity incident that has impacted its business IT networks and customer account access.
The power company reports the hackers responsible for the breach gained unauthorized access “into certain parts of its Canadian network and servers supporting portions of its business applications.”
Launching an internal investigation with the help of third-party cybersecurity experts, the Canadian electrical utility said it immediately "isolated the affected servers to prevent further intrusion."
Nova Scotia Power serves more than 525,000 residential, commercial and industrial customers – supplying 95% of the electricity in the Canadian province – and employs 2,300 individuals.
Additionally, its Halifax-based parent company, Emera, owns a total of six electric and natural gas utilities, serving approximately 2.5 million customers in Canada, the United States, and the Caribbean.
In a press release posted on both websites and various social media accounts on Monday, the power giants stressed that there has been "no disruption to its electricity generation, transmission, and distribution facilities and no impact to our ability to safely and reliably serve customers in Nova Scotia.”
We are actively responding to a cyber incident that has impacted certain IT systems in our network.
undefined Nova Scotia Power (@nspowerinc) April 28, 2025
This incident doesn't impact on our ability to provide safe, reliable power to our customers—Customer Care is currently available for outages and emergencies through our 1/2 pic.twitter.com/YhU3ItjIs4
Furthermore, the joint release said there has been no impact to the Maritime Link, the Brunswick Pipeline, or to servicing Emera’s US or Caribbean utilities.
Julien Richard, Vice President of InfoSec at cybersecurity solutions firm Lastwall, said the Nova Scotia Power breach "once again brings the security of critical infrastructure into sharp focus.”
"Cyberattacks against power companies don’t just stay behind closed doors — they ripple outward, disrupting daily life, eroding public trust, and leading to millions in potential losses,” Richard said.
More broadly, Richard noted that cybercriminals are increasingly targeting the energy sector, an alarming trend in 2025. “It’s a sobering reminder that cybersecurity for utilities is now a front-line defense for public safety, not just an IT concern tucked away in the background," he said.
Customer data at risk?
Since the attack began, hundreds of customers have taken to social media looking for answers, hoping to confirm their private data is still safe.
The power company, on Friday, April 25th, first reported it was experiencing “technical issues” with its phone lines and with customers’ accessing their online accounts and billing.
Nova Scotia Power’s online “MyAccount” allows customers "to make secure payments, including through their bank," potentially exposing the sensitive financial information belonging to hundreds of thousands of individuals.
“Let me guess, our banking information has been breached?“ one customer posted.
“Can you please address the breach in terms of if customer data has been breached too? I would like to know if my personal data is compromised,” said another.
Cybernews reached out to Emera (and its Nova Scotia Power subsidiary) on Tuesday to ask for more information on the amount and type of data accessed by the threat actors. An Emera spokesperson told us that all the information the energy company can share at this point has already been released and that moving forward, "any new information we can share will be posted on the NSPower website."
“Protecting the privacy and security of information held by Nova Scotia Power is a top priority," the utility posted on its website, adding that it has “launched a thorough investigation to determine the nature and scope of the impact of this incident on our systems and data.”
“Our internal investigation remains ongoing, and we continue to monitor the situation. We will continue to provide updates to customers as new information becomes available,” the announcement said.
Richard said that any breach of a power organization can have very real consequences if attackers gain deep access.
“Without the proper controls, this could have escalated quickly into a safety issue — risking life and limb — rather than remaining a contained cybersecurity incident,” he explained.
“Utilities and energy providers must harden their identity and access control systems, ensuring that only verified and authorized personnel can reach critical environments,” he added.
The power company additionally said it has notified law enforcement and is “working around the clock” to restore its systems.
Your email address will not be published. Required fields are markedmarked