Nova Scotia Power and its parent company Emera are responding to a cyberattack that led to the shutdown of several internal IT systems. The breach was discovered on April 25, when unauthorized access was detected in parts of their Canadian business network and servers.

Following the discovery, the impacted servers were immediately isolated, and the company began working to contain and recover affected systems. The attack disrupted customer-facing services, including the utility’s online portal and customer care phone line.

No physical operations were affected, according to a joint statement. Power generation, transmission, and distribution systems—including major infrastructure such as the Maritime Link and Brunswick Pipeline—remained fully operational. Emera’s U.S. and Caribbean utilities were also not impacted by the incident.

As of the most recent update on April 28, efforts to restore systems were still underway. There have been no further updates since then, and it remains unclear whether any customer or confidential business information was compromised. An internal investigation is ongoing.

While the nature of the intrusion hasn’t been confirmed, the situation bears the hallmarks of a ransomware attack, though no known ransomware group has claimed responsibility at this time.

This incident places Nova Scotia Power among a growing list of energy sector targets, a category increasingly vulnerable to both financially motivated cybercriminals and state-backed actors. Just last year, threat group Volt Typhoon—linked to China—maintained access to parts of the U.S. electric grid for nearly 300 days, underscoring the long-term persistence of these attacks.