Practically one month after it knowledgeable prospects that it had been focused in a cyberattack, Canadian electrical utility Nova Scotia Energy admitted on Friday that it has been coping with a ransomware assault.
The breach was disclosed by Nova Scotia Energy and its guardian firm Emera on April 28, and on Might 1 they admitted that hackers had stolen some buyer info.
On Might 14, Nova Scotia Energy knowledgeable prospects that info equivalent to identify, date of beginning, cellphone quantity, electronic mail deal with, mailing and repair addresses, energy consumption, service requests, and cost, billing, and credit score historical past was compromised.
The hackers additionally gained entry to driver’s license numbers, Social Insurance coverage Numbers, and checking account numbers shared for pre-authorized funds.
The corporate highlighted that the incident didn’t trigger any disruption to electrical energy technology, transmission and distribution services.
Within the newest replace, shared on its web site on Might 23, Nova Scotia Energy confirmed that it has been focused in what it described as a “subtle ransomware assault”.
“No cost has been made to the menace actor,” the utility clarified. “This resolution displays our cautious evaluation of relevant sanctions legal guidelines and alignment with legislation enforcement steering.”
It additionally famous that the menace actor has printed knowledge stolen from its programs, and the corporate is presently working with cybersecurity specialists to evaluate the character and scope of the impacted info.Commercial. Scroll to proceed studying.
It’s unclear which ransomware group is behind the assault and the place the information has been printed. SecurityWeek has discovered no point out of Nova Scotia Energy on any of the recognized ransomware teams’ leak web sites on the time of writing.
Nova Scotia Energy gives electrical energy to roughly 550,000 prospects, and it mentioned it’s sending out knowledge breach notifications to roughly 280,000 of them.
The cybersecurity group has typically warned in regards to the danger of energy grid hacking because of software program and {hardware} vulnerabilities. Nonetheless, the menace to energy grids just isn’t solely theoretical, with state-sponsored hackers focusing on such programs to trigger disruption or for espionage.
Associated: Marlboro-Chesterfield Pathology Knowledge Breach Impacts 235,000 Folks
Associated: Coinbase Says Rogue Contractor Knowledge Breach Impacts 69,461 Customers
Associated: UK Authorized Support Company Finds Knowledge Breach Following Cyberattack
