TZUTC: -0500
MSGID: 1130.consprcy@1:2320/105 2c8dd259
PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0
TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
Hackers steal customer data in Nova Scotia Power cyberattack

Date:
Fri, 16 May 2025 15:29:00 +0000

Description:
Plenty of sensitive information was grabbed, including bank account numbers.

FULL STORY

Nova Scotia Power, a major electricity provider in the Canadian province,
suffered a cyberattack in which it lost sensitive customer information. The
company confirmed the news in an announcement published on its website. 

The original announcement, published in late April 2025, said the attack did
not disrupt the company's physical operations, or its ability to serve its
customers, but added that the team was working on bringing parts of its IT
system back online. 

A subsequent update stated that the attack occurred on March 19, 2025, and
that the miscreants stole peoples names, phone numbers, email addresses,
mailing and service addresses, Nova Scotia Power program participation
information, dates of birth, and customer account history (such as power
consumption, service requests, customer payment, billing, and credit history,
and customer correspondence), drivers license numbers, and Social Insurance
Numbers. 

No evidence of abuse

For some of our customers, bank account numbers (for pre-authorized payment)
may also have been impacted, if this information was provided by these
customers. 

While all of the stolen data is valuable to criminals and can be used in a
wide range of ways, from identity theft to phishing, this last part - the 
loss of bank account numbers - is particularly worrisome, as it allows crooks
to mount wire fraud, as well. 

Nova Scotia Power stressed that there is no evidence the data was abused in
the wild and added that it is offering impacted individuals a two-year
subscription to a comprehensive credit monitoring service at no cost. 

People who are affected by the breach are currently being notified, the
company added, without disclosing exactly how many people that is. At press
time, no threat actors claimed responsibility for the attack. 

Users are advised to remain vigilant and particularly careful when receiving
unsolicited email messages, or phone calls, from people claiming to be from
Nova Scotia Power. 

 Via BleepingComputer

======================================================================
Link to news story:
https://www.techradar.com/pro/security/hackers-steal-customer-data-in-nova-sco
tia-power-cyberattack

$$
--- SBBSecho 3.20-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 111 114 206 300 307 317 400 426 428
SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200
SEEN-BY: 396/45 460/58 712/848 902/26 2320/0 105 3634/12 5075/35
PATH: 2320/105 229/426