Nova Scotia expands victim count in global data hack

Thousands more impacted by breach

Nova Scotia expands victim count in global data hack

The Nova Scotia government has revealed that thousands more individuals have been impacted by a recent data breach.

The breach targeted the MOVEit file transfer service and resulted in the theft of private data, including social insurance numbers, addresses, and banking details.

It was initially estimated that up to 100,000 people in Nova Scotia had their data compromised, but Nova Scotia officials have said the breach also affected 13,000 employees working at regional centres for education and the province’s francophone school board.

Hackers were also found to have gained unauthorized access to approximately 17,500 water and tax bill accounts belonging to the Region of Queens Municipality in southwestern Nova Scotia, as well as data from the Nova Scotia Pension Agency.

Utility provider Halifax Water has also notified 25,000 customers that their names and account numbers were part of the Nova Scotia data breach, according to the update.

Nova Scotia cybersecurity minister Colton LeBlanc said the province plans to distribute notification letters by the end of the week.

“The letters will include information about the arrangements we have made for a free fraud protection and credit monitoring service,” added LeBlanc. “We urge everyone who is impacted to register.

“I want to remind all Nova Scotians that identity theft is a sad reality in the digital age. Whether you have been impacted by this breach or not, please keep a close eye on your financial transactions, change your passwords regularly, and take steps to protect yourself.”

A ransomware group called Clop has claimed responsibility for the attack, according to a previous report by The Canadian Press.

The group said it had already deleted all the data stolen from government bodies, but experts have been skeptical about this assertion.

“Clop's claim to have deleted data belonging to public sector bodies should be assumed to be false,” said Brett Callow, a threat analyst with cybersecurity company Emsisoft. “There is no reason for a criminal enterprise to simply delete information that may have value.”

What are your thoughts on this story? Feel free to comment below.

Recent articles & video

Last few days to nominate in the Top 25 Most Influential Lawyers

Why this documentarian profiled elder rights advocate Melissa Miller in Hot Docs film Stolen Time

Saskatchewan government boosts practical learning at University of Saskatchewan College of Law

BC Supreme Court clarifies the scope of solicitor-client privilege in estate administration

Federal Courts invite public feedback on the conduct of a global review of its rules

BC proposes legislative changes to support First Nations land ownership

Most Read Articles

National Bank cannot fulfill Greek bank’s credit guarantee due to fraud exception: SCC

Canada facing pervasive ransomware, broader cyber-criminal landscape and threat from AI: lawyer

Ontario Court of Appeal rules against real estate developer for breach of a joint venture agreement

Canadian Lawyer partners with legal associations to survey legal graduates