On April 25, 2025, Nova Scotia Power (NS Power), a utility serving over 550,000 customers in Nova Scotia, experienced a significant cyberattack targeting its information technology systems. Although the breach disrupted customer service operations, including phone lines and online portals, it did not affect the physical delivery of power or critical infrastructure such as power plants, substations, and transmission facilities. NS Power and its parent company Emera swiftly responded by isolating affected servers and have assured the public that there have been no confirmed outages or safety issues. Investigations are ongoing to assess the full impact, including potential data compromises, amid growing concerns over cybersecurity threats in the energy sector.
Details of the Cyberattack and Immediate Response
On April 25, 2025, Nova Scotia Power (NS Power) identified an unauthorized intrusion into its information technology environment. The attack primarily targeted customer service platforms, resulting in the temporary unavailability of phone support and the online customer portal. Despite these disruptions, NS Power confirmed that its operational technology systems, which manage power generation and distribution, remained secure and fully functional throughout the incident.
NS Power and its parent company, Emera, responded rapidly by isolating the affected IT servers to contain the breach and prevent further spread. Emergency protocols were activated to maintain communication with customers through alternative channels and update the public on service restoration efforts. The company emphasized that essential services, including power supply to over 550,000 customers in Nova Scotia, continued uninterrupted.
Impact on Customers and Services
The cyberattack caused inconvenience for customers attempting to access account information, report outages, or request services via standard communication methods. NS Power encouraged customers to use social media platforms and alternative contact methods provided during the disruption period. Customer service lines have since been partially restored, with full service expected to resume following ongoing system reviews and security enhancements.
Security Measures and Investigation
Following the incident, NS Power initiated a comprehensive investigation in collaboration with cybersecurity experts and law enforcement agencies to determine the source and scope of the attack. Efforts are focused on identifying any potential data breaches or compromises involving customer information. As of this report, NS Power has not confirmed any unauthorized access to sensitive customer data.
The utility is implementing increased cybersecurity defenses, including system upgrades and enhanced monitoring protocols, to mitigate the risk of future attacks. These measures align with industry standards recommended for energy sector entities amid rising concerns about cyber threats targeting critical infrastructure.
Context and Significance
The energy sector remains a prominent target for cyberattacks due to the critical nature of its infrastructure and potential impacts on public safety and economic stability. NS Power’s swift response and transparent communication reflect growing industry efforts to bolster resilience against such threats. The incident also highlights the importance of maintaining robust cybersecurity frameworks to protect both operational technologies and customer-facing systems.
In summary, the cyberattack on Nova Scotia Power’s information technology systems on April 25, 2025, underscored the persistent vulnerabilities faced by utilities in the evolving cybersecurity landscape. While the breach disrupted customer service operations temporarily, the core power delivery infrastructure remained secure, and the company promptly implemented containment and investigation measures. NS Power’s ongoing efforts to enhance its cybersecurity defenses and collaborate with experts demonstrate a commitment to safeguarding critical energy infrastructure and minimizing risks to customers. This incident serves as a reminder of the continuous need for vigilance and resilience in protecting vital public services from emerging cyber threats.
