Nova Scotia Power, the Canadian province's leading electric utility, had data belonging to almost 280,000 clients, or more than half of all its customers, confirmed to have been exfiltrated following a March ransomware attack which the firm previously noted could have led to the compromise of individuals' names, birthdates, mailing and service addresses, email addresses, customer account history, Social Security numbers, and bank account numbers, reports The Register.
Investigation into the nature and extent of information stolen in the incident is still underway, according to Nova Scotia Power, which denied paying the demands of still unnamed attackers in compliance with law enforcement guidance. Additional details regarding the means of initial compromise, as well as the timeline of total IT systems restoration, were not provided but the firm alerted customers regarding the mounting prevalence of phishing and social engineering attacks following the ransomware intrusion. "We encourage you to remain vigilant and cautious about any unsolicited communications that appear to be from Nova Scotia Power asking you to provide your personal information," the firm added.
Investigation into the nature and extent of information stolen in the incident is still underway, according to Nova Scotia Power, which denied paying the demands of still unnamed attackers in compliance with law enforcement guidance. Additional details regarding the means of initial compromise, as well as the timeline of total IT systems restoration, were not provided but the firm alerted customers regarding the mounting prevalence of phishing and social engineering attacks following the ransomware intrusion. "We encourage you to remain vigilant and cautious about any unsolicited communications that appear to be from Nova Scotia Power asking you to provide your personal information," the firm added.
