Committee to discuss N.S. Power breach that allowed theft of 280,000 customers’ data
A provincial legislative committee is set to convene today to address the recent cybersecurity breach at Nova Scotia Power, which compromised the data of 280,000 customers. The CEO of the privately owned utility, Peter Gregg, along with other senior staff members, are expected to testify before the standing committee on public accounts during the meeting.
The breach, which was first detected in mid-March and reported in late April, involved a ransomware attack that exposed sensitive customer information. Gregg disclosed that the social insurance numbers of up to 140,000 customers were among the data that could have been accessed during the breach. Nova Scotia Power had collected these numbers as a means of verifying customers’ identities, although they were not mandatory and were provided voluntarily.
In response to the breach, the federal privacy commissioner, Philippe Dufresne, has initiated an investigation into the incident. Following complaints about the security breach, Dufresne announced the probe to assess the extent of the breach and determine any potential violations of privacy regulations.
The breach has raised concerns among Nova Scotia Power customers regarding the utility’s legal responsibilities in safeguarding their personal information. Many individuals are seeking clarity on the utility’s obligations in the aftermath of the cyberattack and the potential implications for affected customers.
As the legislative committee delves into the details of the cybersecurity breach, stakeholders are eager to understand the impact on customer data security and the measures that Nova Scotia Power plans to implement to prevent future breaches. The committee’s discussions are expected to shed light on the utility’s response to the incident and its commitment to enhancing cybersecurity protocols to protect customer information.
The cybersecurity breach at Nova Scotia Power serves as a stark reminder of the evolving threats posed by cybercriminals and the critical importance of robust data protection measures. As the investigation unfolds, stakeholders will be closely monitoring the utility’s actions to address the breach and strengthen its cybersecurity framework to prevent similar incidents in the future.
