Canadian electrical utility Nova Scotia Energy has shared an inventory of the forms of private and monetary data that had been stolen as a part of the just lately disclosed cybersecurity incident.
The intrusion was introduced to the general public by Nova Scotia Energy and its mother or father firm Emera in late April, and on Might 1 it was revealed that hackers had stolen some buyer data.
The corporate highlighted that the incident didn’t trigger any disruption to electrical energy era, transmission and distribution services.
In an replace shared on Might 14, Nova Scotia Energy stated buyer data saved on compromised servers was accessed and brought on or round March 19.
The stolen data consists of a number of of the next forms of information: identify, date of start, cellphone quantity, e mail handle, mailing and repair addresses, in addition to information equivalent to energy consumption, service requests, and fee, billing, and credit score historical past.
Driver’s license numbers and Social Insurance coverage Numbers had been additionally compromised, and in some instances — for purchasers who supplied such data — the attackers additionally obtained checking account numbers shared for pre-authorized funds.
Nova Scotia Energy says it doesn’t have proof of misuse of the compromised data — that is one thing {that a} majority of corporations say when struggling a big information breach — nevertheless it has determined to offer two years of free credit score monitoring companies to impacted people as a precaution.
It’s unclear what number of people are impacted. The corporate supplies electrical energy to roughly 550,000 clients. Commercial. Scroll to proceed studying.
It’s additionally nonetheless unclear whether or not Nova Scotia Energy was focused in a ransomware assault. No recognized ransomware group has taken credit score for the incident by the point of writing.
If this was certainly a ransomware assault, it’s attainable that Nova Scotia Energy has not been listed on any leak web site as a result of it determined to pay a ransom, or as a result of it’s nonetheless negotiating with the cybercriminals.
The utility didn’t wish to share any data outdoors of what has been posted on its web site.
Associated: Australian Human Rights Fee Discloses Knowledge Breach
Associated: Marks & Spencer Says Knowledge Stolen in Ransomware Assault
Associated: Safety Agency Andy Frain Says 100,000 Individuals Impacted by Ransomware Assault
