Nova Scotia Power says the cyber-attack on the utility in the spring means the company needs to collect power usage information on foot rather than digitally for now. It said meters have continued to function since the attack was discovered on 25 April, but that information can’t be sent digitally to the company. “As a result, we initially paused customer billing and have recently resumed billing with most customers receiving estimated bills until our systems are restored and meters begin communicating again,” the company said on 8 July in a post on its website.[1]
Meter readers started going to homes and businesses this month to get information from meters to accurately reflect usage since April of this year. The company said meter readers will need to access most properties, but customers do not have to be on site. The readers will be wearing NSP-branded clothing and will carry ID bearing the word “contractor.”
The company said that if meters can’t be read because of vegetation, pets, fencing or other reasons, the bill will be estimated again based on an average of power use at the property during a similar time of year.
The ransomware attack in March was initially thought to have only affected a percentage of customers, but last month the company said all customers past and present may have been involved.
The company is still working to determine the full scope of what information was taken but can’t rule out that these types of personal information were taken: name, phone number, email address, mailing and service addresses, Nova Scotia Power program participation information, date of birth, driver’s license numbers and customer account history.
Customer account history can include power consumption, service requests, payments, billing and credit history, and customer correspondence. For some former customers, bank account numbers used for pre-authorized payment and social insurance numbers may also have been accessed.
This article is shared with permission at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.saltwire.com/nova-scotia/nova-scotia-power-meter-readings-cyberattack
Comments