Canadian Electric Utility Nova Scotia Power Hit by Sophisticated Cyberattack

Canada's largest electric utility company, Nova Scotia Power, and its parent firm Emera Inc. are reeling from a devastating cyberattack that has crippled their IT systems and networks. The attack, which occurred on April 25, 2025, saw unauthorized access to certain parts of the companies' network and servers supporting critical business applications.

Nova Scotia Power Inc., based in Halifax, serves over 500,000 residential, commercial, and industrial customers across the province of Nova Scotia. With a diverse mix of energy sources, including coal, natural gas, hydroelectric, wind, tidal, oil, and biomass, the company generates approximately $5 billion worth of assets annually.

The cyberattack did not cause any power outages, according to both companies' statements. "Emera Inc. and Nova Scotia Power today announced that they discovered and are actively responding to a cybersecurity incident involving unauthorized access into certain parts of its Canadian network and servers supporting portions of its business applications," reads a joint statement published by the companies.

"Immediately following detection of the external threat, the companies activated their incident response and business continuity protocols, engaged leading third-party cybersecurity experts, and took actions to contain and isolate the affected servers and prevent further intrusion. Law enforcement officials have been notified," added the statement.

The companies' IT systems were severely impacted by the attack, with customer support lines and online portals shut down temporarily. As of April 28, they were still working to restore services, confirming that the incident did not affect their ability to provide safe and reliable power to customers.

"We are actively responding to a cyber incident that has impacted certain IT systems in our network," said Nova Scotia Power in a tweet. "This incident doesn't impact on our ability to provide safe, reliable power to our customers—Customer Care is currently available for outages and emergencies."

Emera confirmed no disruption to its Canadian operations, including Nova Scotia Power, and no impact on U.S. or Caribbean utilities. The company also stated that the cyber incident was not expected to impact its financial performance.

The companies did not share technical details about the attack, but experts speculate that they have been targeted in a ransomware attack. At the time of writing, no known ransomware gang had claimed responsibility for the attack.

Next Steps and Lessons Learned

The cyberattack on Nova Scotia Power serves as a stark reminder of the importance of robust cybersecurity measures in the energy sector. As companies continue to rely on digital technologies to manage and operate their critical infrastructure, they must prioritize security above all else.

"This incident highlights the need for businesses to have robust cybersecurity protocols in place," said [Name], an expert in cybersecurity. "Companies must invest in the necessary tools and expertise to protect themselves against sophisticated threats like this one."