Ransomware scum leaked Nova Scotia Power customers' info

Nova Scotia Power on Friday confirmed it had been hit by a ransomware attack that began earlier this spring and disrupted certain IT systems, and admitted the crooks leaked data belonging to an unspecified number of its roughly 500,000 customers online. The stolen info may have included billing details and, for those on autopay, bank account numbers.

Ransomware criminals are increasingly targeting utilities and other critical infrastructure, and often focus on the systems between core IT and operations, where defenses are weaker and utilities are more likely to pay. But in this case, the power company says it kept its wallet shut.

Nova Scotia Power and its parent company Emera first discovered the breach on April 25, describing it as "a cybersecurity incident involving unauthorized access into certain parts of its Canadian network and servers supporting portions of its business applications." They later determined that the attack began around ...