July 14, 2025 — Today, the Board issued a letter to NS Power, requesting a report from the utility about the cybersecurity incident. A copy of that letter, indicating what should be included in the incident report, is available HERE.

The Board expects NS Power to file its report by the end of this year. However, it has given NS Power the option to propose an alternative date if the utility believes the deadline is not achievable.

Until the report is filed, NS Power must submit monthly updates on its response to the cybersecurity incident and progress in preparing the report. The first update is due no later than August 1, 2025. 

Once the report is filed, the Board will launch a public process to review both the report and NS Power's planning for and response to the incident. Stephen T. McGrath, K.C., (Board Chair); Roland A. Deveau, K.C., (Board Vice Chair); and Richard J. Melanson, LL.B., (Board Member) are leading the Board's investigation and will oversee the public process. 

The Board continues to work with MNP Digital, which is independently assessing the cybersecurity incident on behalf of Board Counsel and staff. NS Power has provided a high-level briefing about the incident to MNP, Board Counsel, and staff. The Board recognizes that NS Power’s response to this incident and its own investigations are ongoing. 

Finally, the Board has received numerous Letters of Comment from NS Power customers regarding the cybersecurity incident. The Letters have been entered as part of the Board's proceeding and Board staff have prepared information requests for NS Power that touch on concerns and questions from customers. Those information requests will be issued to NS Power shortly, with responses due three weeks later.

The Board is committed to conducting a thorough and transparent proceeding. Every effort will be made to ensure the process is open and accessible to the public. However, some information may be withheld to protect security, personal privacy, and other confidential matters. This balance is necessary to maintain both accountability and safety. 

Documents related to this matter are available by searching "M12273" in our database HERE.

 

June 12, 2025 Over the past few weeks, the Board has been assembling its team and working to define the scope of the investigation. We have engaged MNP to provide cybersecurity expertise.

The next step is for NS Power to give MNP an initial briefing. Once that briefing has occurred, the Board will determine the rest of the process for the proceeding.

Documents related to this matter are publicly available. To access them, search "M12273" in our database HERE.

 

May 15, 2025 The Nova Scotia Energy Board has opened a formal proceeding to investigate the Nova Scotia Power cybersecurity incident. We are currently in discussions with cybersecurity experts to engage them in the matter.

We recognize that Nova Scotia Power is currently focused on recovery and mitigation efforts. Our process is not intended to interfere with that critical work. Our role is to ensure regulatory oversight and accountability while allowing the utility to concentrate on restoring systems and supporting impacted customers.

We take this matter very seriously and are committed to a thorough and transparent process.