Latest news with #PeterGregg
CTV News
05-06-2025
- Business
- CTV News
NDP calls for greater accountability in wake of Nova Scotia Power cyberattack
There are concerns customers could be on the hook to pay for the recent Nova Scotia Power cyberattack. Nova Scotia Power may have weathered the cyberattack that compromised its systems, but the political and financial fallout continues, along with calls for accountability. At the legislature's public accounts committee on Wednesday, NDP Leader Claudia Chender criticized the utility for what she described as a failure to protect Nova Scotians. 'Legally, Nova Scotia Power is the victim, but actually it's Nova Scotians who are suffering harm,' Chender said. The utility's president and CEO Peter Gregg confirmed that while the company has cyber insurance, there is still no estimate of the total cost to repair and restore its systems. 'We do not have an estimate of the full cost of restoration at this point,' Gregg said. 'That is an ongoing part of our investigation.' That uncertainty raises the possibility that ratepayers could bear some of the cost. Chender and others said that should not be the case. Insurance industry experts say demand for cyber insurance is rising across Canada, and when large-scale claims are filed, premiums tend to rise. 'All sorts of things could impact what your premiums look like going forward,' said Amanda Dean, vice-president of Ontario and Atlantic at the Insurance Bureau of Canada. 'Especially the claims for the pool you're paying your premium into.' Chender argued that existing legislation doesn't go far enough to protect consumers after such breaches. She said the NDP plans to introduce legislation that would enable class-action lawsuits in Nova Scotia, similar to legislation already in place in British Columbia. 'That way, an organization like Nova Scotia Power can actually be held liable for this kind of breach, which right now is very difficult to do,' she said. Chender also said the utility's offer of two years of free credit monitoring for affected customers is inadequate. 'They should be offering five,' she said. 'There should be the ability to have a free credit freeze.' Nova Scotia Power said it's continuing to investigate the data breach, along with provincial officials and the federal privacy commissioner. The province's auditor general may also get involved, though any potential audit is still in the early stages. Claudia Chender Nova Scotia NDP Leader Claudia Chender speaks to reporters at Province House following the speech from the throne and opening of the legislature in Halifax on Friday, Feb. 14, 2025. (Darren Calabrese) For more Nova Scotia news, visit our dedicated provincial page
Globe and Mail
04-06-2025
- Business
- Globe and Mail
NS Power CEO, staff questioned over data breach that saw 280,000 customers' data stolen
Nova Scotians have lost trust in the province's largest electric utility, provincial politicians said Wednesday during a heated committee meeting that raised tough questions about the recent ransomware attack on Nova Scotia Power. The cybersecurity breach gave thieves access to personal and financial data belonging to 280,000 ratepayers – about half of the utility's customers. Members of the public accounts committee grilled Nova Scotia Power CEO Peter Gregg and two other senior staff members, asking them how the breach happened and what the company will do to protect ratepayers from financial harm. 'We understand it is very concerning, and we're working hard to address customer issues and to continue to strengthen our systems as we work to restore and rebuild,' Gregg told the committee. Hackers may have stolen up to 140,000 social insurance numbers in NS Power database breach By the time the meeting was over, however, the executives had very little new information to share. 'We have, as far as we understand, 140,000 Nova Scotians who have had their social insurance numbers stolen, and those people are furious,' NDP Leader Claudia Chender told the committee. Gregg said the company, a subsidiary of Halifax-based Emera Inc. EMA-T, identified unusual activity on their servers on April 25, but they later determined the cyber-thieves had accessed the system as early as March 19. The utility has since sent letters to customers informing them the stolen data may include their names, birth dates, e-mail addresses, home addresses, customer account information, driver's licence numbers and, in some cases, bank account numbers and social insurance numbers. The cyberattack affected almost half of the utility's 525,000 customers. Gregg confirmed the company had previously collected social insurance numbers to authenticate customers' identities in cases where multiple customers had the same name, but he said that practice has stopped. The utility now requests only the last three digits of each customer's social insurance number, which is not stored. Still, Chender pressed utility executives to explain why Nova Scotia Power continues to store the full social insurance numbers it had previously collected. But they declined to say, citing an ongoing investigation. 'I don't have an answer for you today,' Gregg said. Chender said Gregg's response was disappointing. 'With stronger safety protocols, Nova Scotians would be protected,' she said. The NDP leader went on to ask how affected ratepayers would be compensated for potential losses. Again, Gregg did not directly answer, saying the utility is offering customers a two-year subscription for credit monitoring, which might be extended. Progressive Conservative member Brian Wong said Nova Scotians deserve better. 'We have Nova Scotians that aren't just scared, they're angry,' he told Gregg. When asked by multiple committee members if Nova Scotia Power would commit to covering the costs of the breach internally rather than handing the bill to ratepayers, Gregg again avoided a direct answer. He said Nova Scotia Power's cybersecurity insurance would likely cover many expenses, but he said the utility doesn't yet know the cost of the breach. 'Until we get further into this investigation and determine total cost, I can't give you a yes or no answer.' Liberal member Derek Mombourquette said Nova Scotia Power's first step toward rebuilding public trust should be promising not to pass on costs to consumers who have long complained about soaring electricity bills and frequent power outages. 'There is no trust with Nova Scotia Power right now,' Mombourquette said after the meeting. 'I don't believe what we heard in the committee today has done any more to reassure the customers.' As the meeting concluded, Chender put forward a motion to request the province's auditor general investigate the breach, which was adopted. Meanwhile, the federal privacy commissioner has already launched an investigation. Philippe Dufresne issued a statement last week saying he started the probe after receiving complaints about the security breach in April.
Global News
04-06-2025
- Business
- Global News
Nova Scotia Power CEO, staff grilled by politicians over cybersecurity breach
Provincial politicians took aim at Nova Scotia Power during a legislative committee meeting Wednesday morning, saying the utility owes ratepayers answers after a cybersecurity breach gave thieves access to data belonging to 280,000 customers. The utility's CEO and other staff were grilled by the public accounts committee about how the breach happened and what the company will do to protect its customers from financial harm. Get breaking National news For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen. Sign up for breaking National newsletter Sign Up By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy Nova Scotia Power CEO Peter Gregg says the ransomware attack affected almost half of the utility's customers, including 140,000 customers who had given the utility their social insurance numbers. Chris Heck, chief digital officer with Nova Scotia Power's parent company Emera, told the committee that the company identified unusual activity on their server on April 25, but later determined the cyber-thieves had accessed the system as early as March 19. NDP Leader Claudia Chender pressed the two men to explain why Nova Scotia Power had been storing the social insurance numbers, but they declined to say, citing an ongoing investigation. Story continues below advertisement Meanwhile, the federal privacy commissioner has launched an investigation into the ransomware attack, with Philippe Dufresne saying in a statement last week he started the probe after receiving complaints about the security breach reported in late April.
CBC
04-06-2025
- Politics
- CBC
Committee to discuss N.S. Power breach that allowed theft of 280,000 customers' data
Social Sharing A provincial legislative committee is scheduled to meet today to discuss the recent Nova Scotia Power cybersecurity breach that allowed cyber thieves access to data from 280,000 customers. The privately owned utility's CEO and other senior staff with Nova Scotia Power were called as witnesses to the standing committee on public accounts, which is set to meet this morning. Company CEO Peter Gregg has previously said the data of about 280,000 Nova Scotia Power customers was breached in a ransomware attack — which is more than half of their total customers. The breach of the customer records was first reported in late April, and the company later indicated the first breach was detected in mid-March. Legal expert explains why Nova Scotia Power class action unlikely 2 days ago Duration 7:04 Many Nova Scotia Power customers who recently found out their personal information was stolen in a ransomware attack have questions about the utility's legal responsibilities in the wake of the data breach. Watch Amy Smith's interview with Wayne MacKay, professor emeritus at Dalhousie's law school. Gregg said the social insurance numbers of up to 140,000 customers had been collected by the utility, and therefore could have been accessed in the breach. He said Nova Scotia Power gathered these social insurance numbers as a way to authenticate customers' identities in cases where multiple customers have the same name, but social insurance numbers aren't required from its customers and were offered voluntarily. The federal privacy commissioner has launched an investigation into a ransomware attack, with Philippe Dufresne saying in a statement last week he started the probe after receiving complaints about the security breach the utility reported in late April.
CTV News
04-06-2025
- Business
- CTV News
Committee to discuss NS Power breach that allowed theft of 280,000 customers' data
Peter Gregg, president and CEO of Nova Scotia Power, makes an appearance before the Nova Scotia legislature's law amendments committee, in Halifax, Monday, Oct. 31, 2022. THE CANADIAN PRESS/Keith Doucette HALIFAX — A provincial legislative committee is scheduled to meet today to discuss the recent Nova Scotia Power cybersecurity breach that allowed cyber-thieves access to data from 280,000 customers. The privately owned utility's CEO and other senior staff with Nova Scotia Power were called as witnesses to the standing committee on public accounts, which is set to meet this morning. Company CEO Peter Gregg has previously said the data of about 280,000 Nova Scotia Power customers was breached in a ransomware attack — which is more than half of their total customers. The breach of the customer records was first reported in late April, and the company later indicated the first breach was detected in mid-March. Gregg said the social insurance numbers of up to 140,000 customers had been collected by the utility, and therefore could have been accessed in the breach. He says Nova Scotia Power gathered these social insurance numbers as a way to authenticate customers' identities in cases where multiple customers have the same name, but social insurance numbers aren't required from its customers and were offered voluntarily. The federal privacy commissioner has launched an investigation into a ransomware attack, with Philippe Dufresne saying in a statement last week he started the probe after receiving complaints about the security breach the utility reported in late April. This report by The Canadian Press was first published June 4, 2025.
