Pierluigi Paganini
May 01, 2025
Nova Scotia Power Inc. is a vertically integrated electric utility serving the province of Nova Scotia, Canada. Headquartered in Halifax, it is a subsidiary of Emera Inc. The company provides electricity to over 500,000 residential, commercial, and industrial customers across the province. Its operations encompass generation, transmission, and distribution of electricity, utilizing a diverse mix of energy sources including coal, natural gas, hydroelectric, wind, tidal, oil, and biomass. Nova Scotia Power manages approximately $5 billion in assets and produces more than 10,000 gigawatt-hours of electricity annually.
Nova Scotia Power and Emera faced a cyber attack that has impacted their IT systems and networks. Both companies declared that the security incident did not cause any power outages.
“Emera Inc. and Nova Scotia Power today announced, on April 25, 2025 they discovered and are actively responding to a cybersecurity incident involving unauthorized access into certain parts of its Canadian network and servers supporting portions of its business applications.” reads a joint statement published by the companies. “Immediately following detection of the external threat, the companies activated their incident response and business continuity protocols, engaged leading third-party cybersecurity experts, and took actions to contain and isolate the affected servers and prevent further intrusion. Law enforcement officials have been notified.”
We are actively responding to a cyber incident that has impacted certain IT systems in our network.
— Nova Scotia Power (@nspowerinc) April 28, 2025
This incident doesn't impact on our ability to provide safe, reliable power to our customers—Customer Care is currently available for outages and emergencies through our 1/2 pic.twitter.com/YhU3ItjIs4
On April 25, both companies found unauthorized access to parts of their network. In response to the intrusion, the companies shut down affected servers, disrupting IT systems, including customer support lines and the online portal. As of April 28, they were still working to restore services, and confirmed that the incident did not “impact on their ability to provide safe, reliable power to their customers.
Emera confirmed no disruption to its Canadian operations, including Nova Scotia Power, and no impact on U.S. or Caribbean utilities. The cyber incident is not expected to impact financial performance. Emera will release its Q1 results on May 8, 2025, as scheduled.
The companies did not share technical details about the attack, however, experts speculate they have been targeted in a ransomware attack. At the time of writing, no known ransomware gang claimed responsibility for the attack.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Canada)
