We are actively responding to a cyber incident that has impacted certain IT systems in our network. Our IT team is coordinating with external cybersecurity experts and working around the clock to restore our systems safely and securely while we continue to investigate this incident.

Please see below for the latest updates.

News

Wednesday, June 4, 2025

Following the recent ransomware attack and its effect on our customers, we've been invited to speak with members of the Nova Scotia Public Accounts Committee at their meeting today.

While recognizing that the investigation and response efforts remain ongoing, we have committed to be as open and transparent as possible. This meeting today is a part of that transparency.

Opening remarks by Peter Gregg, President & CEO

On behalf of our entire team at Nova Scotia Power, thank you for the invitation to attend today’s committee meeting. Cybersecurity is a critical issue facing private, public, and government organizations right now and we all need to work together to protect the security of Nova Scotians. I am here today with two colleagues, Chris Lanteigne, Nova Scotia Power’s Director of Customer Care, and Chris Heck, the Chief Digital Officer from our parent company, Emera. We appreciate the opportunity to discuss this issue with you today and how we can get stronger together as we move forward.

I would like to begin with reiterating our sincere apologies to all our customers that they have been impacted by this cyber incident. We understand it is very concerning and we’re working hard to address customer issues and to continue to strengthen our systems as we work to restore and rebuild.

As we begin, it’s important to remind people of the sensitivity of the incident and the fact that it is ongoing. This was a sophisticated attack on Nova Scotia Power and our customers by a criminal who has stolen data from our systems. We are committed to being as open and transparent as possible, as we have been since the beginning of the incident—our investigation and response efforts remain ongoing.

Maintaining the integrity of the active investigation, under the careful guidance of leading cybersecurity experts, is essential. We have also notified and sought input from law enforcement.

The privacy commissioner of Canada stated last week that: “Data breaches have surged over the past decade, and this incident highlights the growing risks of cyberattacks for all organizations.”

Despite this reality, we know that to our customers, Nova Scotia Power is not just any organization. We are a vital part of their every day lives and we take that responsibility very seriously. And we take cybersecurity very seriously and work every day to manage threats and continually evolving risks.

I want to assure the committee that before this attack we invested heavily in keeping our network and information secure. We implement measures and controls designed to align with the National Institute of Standards and Technology and the North American Electric Reliability Corporation (NERC), organizations that set standards for electric utilities across North America. However, as we know, the cyber criminals are getting more and more sophisticated and we continue to focus our efforts and make investments to address these growing threats.

No payment has been made to the criminal. This reflects our careful assessment of applicable sanctions laws and alignment with law enforcement guidance. It was illegal to make a payment.

Immediately after detecting unusual activity on our network on April 25, we activated our existing cyber incident response and business continuity protocols. These included engaging leading third-party cybersecurity experts and taking swift actions to contain and isolate the affected systems to prevent further intrusion. Our cybersecurity program ensured that our operations systems and electric grid continue to perform as usual.

As you know, the criminals stole data, which unfortunately includes the personal data of customers. We’ve sent notifications to those impacted existing account holders and encouraged them to sign up for free credit monitoring service and are continuing to investigate the full scope of the impact of the data. And this investigation is complex, extremely detailed, and will take time.

I am also encouraging all impacted customers to sign up for complimentary credit monitoring and identity protection services. We have updated our website to include tips on some of the common issues customers have had in signing up.

Additionally, for anyone experiencing challenges, we will start providing in-person support in various communities across the province starting later this week to assist our customers. Signing up online remains the best path for customers, but we plan to provide some in-person support for those who are less comfortable with the online process or have questions. More details will be communicated in the coming days.

I want to assure you that we are cooperating at all levels on the investigation of this criminal attack. As you are aware, formal investigations of the incident have been initiated by both the Nova Scotia Energy Board and the Office of the Privacy Commissioner of Canada. Nova Scotia Power will fully cooperate with both of these proceedings.

You have my commitment that our team is focused on the continued investigation of our restoration efforts. We will continue to be open and transparent as we move through this process. We know that our customers feel we have let them down and we are doing everything we can to support them. We thank all our customers for their patience as we continue to work through this very difficult and active situation.

Thank you. We look forward to the discussion.

Peter Gregg, President & CEO, Nova Scotia Power

Friday, May 23, 2025 Update

We wanted to provide an update on Nova Scotia Power's ongoing cyber incident. Today, we are confirming we have been the victim of a sophisticated ransomware attack.

Since the incident began several weeks ago, Nova Scotia Power has been actively working with the assistance of third-party cyber security experts to restore our systems safely and investigate the incident. We have also been working to further strengthen our systems and add additional security protections.

No payment has been made to the threat actor. This decision reflects our careful assessment of applicable sanctions laws and alignment with law enforcement guidance.

We have learned that the threat actor has published data that was stolen from our systems. We are actively working with cybersecurity experts to assess the nature and scope of the information that may have been impacted.

Notifications have been mailed to impacted account holders, which include detailed information about resources and support. Arrangements have been made with the consumer reporting agency, TransUnion, to provide impacted individuals with a two-year subscription to a comprehensive credit monitoring service (TransUnion myTrueIdentity®) at no cost.

We encourage customers who receive a notification to enroll in the TransUnion credit monitoring service and otherwise remain vigilant and cautious about any unsolicited communications (such as emails, text messages, social posts, or phone calls), including messages that appear to be from Nova Scotia Power asking you to provide your personal information. Please avoid clicking on suspicious links or downloading attachments without confirming they are from a legitimate source.

We remain sincerely sorry that this issue has occurred. Protecting the privacy and security of information held by Nova Scotia Power is something we take very seriously.

Wednesday, May 14, 2025 Update

Nova Scotia Power continues to investigate a cyber incident that has impacted certain IT systems in our network. We are working with external cybersecurity experts to determine the scope of the impact and safely and securely restore and rebuild our impacted systems.

While the investigation remains ongoing, we have determined that on or around March 19, 2025, certain customer information stored on the impacted servers was accessed and later taken by an unauthorized third party.

Notifications are in the process of being mailed to impacted account holders, which includes detailed information about resources and support. While we have no evidence of misuse of your personal information, as a precaution, arrangements have been made with the consumer reporting agency, TransUnion, to provide impacted individuals with a two-year subscription to a comprehensive credit monitoring service (TransUnion myTrueIdentity®) at no cost.

The types of impacted personal information varied by individual customer and depended, in part, on the information provided by each customer. This may have included one or more of the following: name, phone number, email address, mailing and service addresses, Nova Scotia Power program participation information, date of birth, and customer account history (such as power consumption, service requests, customer payment, billing, and credit history, and customer correspondence), driver’s license number, and Social Insurance Number. For some of our customers, bank account numbers (for pre-authorized payment) may also have been impacted, if this information was provided by these customers.

We encourage customers to remain vigilant and cautious about any unsolicited communications (such as emails, text messages, social posts, or phone calls), including messages that appear to be from Nova Scotia Power asking you to provide your personal information. Please avoid clicking on suspicious links or downloading attachments without confirming they are from a legitimate source.

Any customer who receives a letter in the mail from Nova Scotia Power will be provided with a phone number to call with any questions and to activate their two year subscription for credit monitoring.

Thursday, May 1, 2025 Update

Nova Scotia Power is providing important information about the recent cyber incident affecting our company. 

On April 25, we detected unusual activity on our network and immediately initiated our incident response plan. This included taking steps to contain the incident, launching a thorough investigation with the help of external cybersecurity experts, and working to restore affected systems safely and securely. We have also notified law enforcement.

While our investigation is ongoing, we have identified that certain customer personal information was accessed and taken by an unauthorized third party.

Rest assured, we are treating this situation very seriously. The security of your information is our top priority. We are working urgently to determine the full nature and scope of the data that may have been affected, and individuals impacted.

If we determine that your data was affected, we will send you notice with further details including about the affected information, along with resources and support.

We encourage you to remain vigilant and cautious about any unsolicited communications (such as emails, text, social posts, or phone calls) that appear to be from Nova Scotia Power asking you to provide your personal information. Please avoid clicking on suspicious links or downloading attachments without confirming they are from a legitimate source. 

We are committed to providing further updates as our investigation progresses. Our team asks for your patience as we work to understand the specific details of this unfortunate cyber incident.

There remains no disruption to Nova Scotia Power’s generation, transmission, and distribution facilities, and the incident has not impacted on our ability to safely and reliably serve customers in Nova Scotia.

We appreciate your patience and trust as we work to address this situation.

Monday, April 28, 2025 Update

Emera Inc. and Nova Scotia Power today announced on April 25, 2025 they discovered and are actively responding to a cybersecurity incident involving unauthorized access into certain parts of its Canadian network and servers supporting portions of its business applications.

Immediately following detection of the external threat, the companies activated their incident response and business continuity protocols, engaged leading third-party cybersecurity experts, and took actions to contain and isolate the affected servers and prevent further intrusion. Law enforcement officials have been notified.

There remains no disruption to any of our Canadian physical operations, including at Nova Scotia Power’s generation, transmission and distribution facilities, the Maritime Link or the Brunswick Pipeline, and the incident has not impacted the utility’s ability to safely and reliably serve customers in Nova Scotia. There has been no impact to Emera’s U.S. or Caribbean utilities.

Emera will release its Q1 Financial Statements and Management Disclosure and Analysis on May 8, 2025, as planned. At this time, the incident is not expected to have a material impact on the financial performance of the business.

Our IT team is working diligently with cyber security experts to bring the affected portions of our IT system back online.

Latest Updates

Wednesday, June 5, 2025

  • Nova Scotia Power leadership appeared before the Nova Scotia Public Accounts Committee as part of our ongoing commitment to transparency following the recent ransomware attack.
  • Immediately after detecting the cyberattack on April 25, we activated our response protocols, engaged cybersecurity experts, and have continued to work closely with law enforcement and regulators. The attack was sophisticated and resulted in stolen customer data; no ransom payment was made.
  • We've notified impacted customers, offered free credit monitoring and identity protection, and will begin providing in-person support in communities across the province to assist those facing challenges with the process.
  • We continue to invest in cybersecurity and are cooperating fully with ongoing investigations. We deeply regret the impact on our customers and remain focused on rebuilding trust and strengthening our systems.

Friday, May 23, 2025

  • Nova Scotia Power confirms we been the victim of a sophisticated ransomware attack.
  • No payment has been made to the threat actor. This decision reflects our careful assessment of applicable sanctions laws and alignment with law enforcement guidance.
  • We have learned that the threat actor has published data that was stolen from our systems. We are actively working with cybersecurity experts to assess the nature and scope of the information that may have been impacted.
  • Since the incident began several weeks ago, we have been actively working with the assistance of third-party cyber security experts to restore our systems safely and investigate the incident. We have also been working to further strengthen our systems and add additional security protections.
  • Notifications have been mailed to impacted account holders, which include detailed information about resources and support. Arrangements have been made with the consumer reporting agency, TransUnion, to provide impacted individuals with a two-year subscription to a comprehensive credit monitoring service (TransUnion myTrueIdentity®) at no cost.
  • We remain sincerely sorry that this issue has occurred. Protecting the privacy and security of information held by Nova Scotia Power is something we take very seriously.

Wednesday, May 14, 2025

  • Nova Scotia Power continues to investigate a cyber incident that has impacted certain IT systems in our network.
  • While the investigation remains ongoing, we have determined that on or around March 19, 2025, certain customer information stored on the impacted servers was accessed and later taken by an unauthorized third party.
  • Notifications are in the process of being mailed to impacted account holders, which includes detailed information about resources and support.
  • While we have no evidence of misuse of your personal information, as a precaution, arrangements have been made with the consumer reporting agency, TransUnion, to provide impacted individuals with a two-year subscription to a comprehensive credit monitoring service (TransUnion myTrueIdentity®) at no cost.
  • The types of impacted personal information varied by individual customer and depended, in part, on the information provided by each customer.
  • Any customer who receives a letter in the mail from Nova Scotia Power will be provided with a phone number to call with any questions and to activate their two year subscription for credit monitoring.

Thursday, May 1, 2025

  • We are actively responding to a cyber incident that has impacted certain IT systems in our network.
  • While our investigation is ongoing, we have identified that certain customer personal information was accessed and taken by an unauthorized third party.
  • If we determine that your data was affected, we will send you notice with further details including about the affected information, along with resources and support.
  • We encourage you to remain vigilant and cautious about any unsolicited communications (such as emails, text, social posts, or phone calls) that appear to be from Nova Scotia Power asking you to provide your personal information. Please avoid clicking on suspicious links or downloading attachments without confirming they are from a legitimate source.  

Monday, April 28, 2025

  • Emera and Nova Scotia Power discovered and are actively responding to a cybersecurity incident involving unauthorized access into certain parts of our network and servers supporting portions of our business applications.
  • Immediately following detection of the external threat, we activated incident response and business continuity protocols, engaged leading third-party cybersecurity experts, and took actions to contain and isolate the affected servers and prevent further intrusion.
  • There remains no disruption to any physical operations, including our generation, transmission, and distribution facilities, the Maritime Link or the Brunswick Pipeline, and the incident has not impacted our ability to safely and reliably serve our customers.
  • Our customers can continue to report outages or emergencies through our outage line at 1-877-428-6004.
  • This incident does not affect our ability to safely and reliably deliver electricity to all of our customers.
  • Please be vigilant and report any suspicious emails or phone calls.

FAQs

What happened?

Last updated: Sunday, April 27, 2025

We are actively responding to a cyber incident that was detected and has impacted certain IT systems in our network, including our customer care phone line and online customer portal, MyAccount.

As soon as this was detected, our IT team started coordinating with external cybersecurity experts and working around the clock to investigate this incident and restore our systems safely and securely.

What is Nova Scotia Power doing to address this cyber incident?  

Last updated: Wednesday, May 14, 2025

Although we are still actively investigating this cyber incident, we have taken the following steps:

  • Engaged external cybersecurity experts to help us investigate, remediate, and recover the affected systems. We have also notified law enforcement and regulators.
  • Conducted a detailed review of what data has been accessed and taken. This remains an ongoing, complex effort.
  • Commenced notifying impacted account holders with further details about the cyber incident, including providing resources and support.
  • Actively working to restore our systems and continuing to expand our interim business processes where needed to ensure business continuity to serve our customers.
Was customer information or confidential business information accessed?

Last updated: Wednesday, May 14, 2025

While our investigation is ongoing, we have identified that certain customer personal information was accessed and taken by an unauthorized third party. If we determine that your data was affected, we will send you notice with further details including about the affected information, along with resources and support.

I have not received a notification in the mail about my data—where is it? 

Last updated: Wednesday, May 14, 2025

The company’s investigation remains ongoing. Notices are in the process of being sent to individuals whose data we have determined has been accessed and taken. It may take a few business days for those notices to be received. If you don’t receive a notice about this incident, it means that at this time Nova Scotia Power has not identified your information as having been potentially affected by the recent cyber incident.

What services have been affected?

Last updated: Tuesday, May 20, 2025

While there is no disruption to our generation, transmission, and distribution facilities and no impact on our ability to provide safe reliable power, there are services that we are currently unable to provide.

Billing has been paused and our online customer portal MyAccount is also not available. If you have made a bill payment through your bank, those payments were processed by your financial institution. Rest assured, any potential for duplicate payments will be addressed and corrected.

We will post updates as we make progress and restore all services. We apologize for this inconvenience and thank you for your patience.

What services can you currently provide?

Last updated: Monday, May 12, 2025

While we work around the clock to restore all systems for our customers, many of our services remain impacted. We apologize for this inconvenience and thank you for your patience.

Customer Care

  • We are focused on supporting our customers. While wait times may be longer than usual, we are here for regular business from 8 AM to 6 PM. Please contact us at 1-800-428-6230.
  • Customers can continue to report outages or emergencies, such as downed wires, through our outage line at 1-877-428-6004.

Billing & Payments  

  • Please know that you will not be charged late fees or have your service disrupted as a result of this incident.
  • If you have made a bill payment through your bank, those payments were processed by your financial institution. Rest assured, any potential for duplicate payments will be addressed and corrected.

MyAccount

  • MyAccount login and features, such as view and pay your bill, are not available at this time.
  • MyEnergy Insights and Efficiency Insights are also not currently accessible through MyAccount.
When will your customer service systems be fully restored?    

Last updated: Wednesday, May 14, 2025

We are working around the clock to restore our systems safely and securely. Currently, we are not able to provide a timeline for full restoration. For more information about the services available for customers, please visit our Customer Service page here >

Cyber Safety

Article
Article
Oct 29, 2024

Are you cyber smart? How to spot an online scam

Online scams are becoming more sophisticated every day, with cyber criminals taking advantage of our growing reliance on technology in our daily lives. We’ve shared a few reminders so you can make smart decisions and protect yourself from cyber threats.
Read More