Hacked N.S. power firm agrees to beef up security after customer data breached

Canada’s privacy commissioner says Nova Scotia’s largest power utility will strengthen its security following a cyberattack last year.

Nova Scotia Power sent a compliance letter to commissioner Philippe Dufresne saying it will delete customer social security numbers that it has on file.

The utility says in the letter it will also provide Dufresne’s office with the findings of an external security audit by the end of October.

In March 2025 a hacker accessed the data of hundreds of thousands of the utility’s customers.

Get breaking National news

Get breaking Canada news delivered to your inbox as it happens so you won't miss a trending story.

Sign up for breaking National newsletter Get Started

By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

The company’s former CEO has said the cyberattack was likely conducted by a Russia-based actor.

The attack disrupted automated billing for nearly a year, with many customers complaining about inflated bills.

“We’ve learned a great deal from this incident and have taken steps to further enhance our cybersecurity and data governance practices to protect against this kind of criminal activity,” Nova Scotia Power CEO Vivek Sood said in a statement.

“We are committed to implementing all recommendations to protect our customers and our employees.”

2:02 Nova Scotia Power’s data breach under intense scrutiny — could class-action lawsuit be filed?