The Province of Nova Scotia has been the victim of a cybersecurity incident. The personal information of numerous employees from Nova Scotia Health, the IWK Health Centre, and the public service has been stolen in a global breach of the MOVEit file transfer service. The Province has confirmed that the compromised data includes social insurance numbers, addresses, and banking information that varies depending on employer.
While the exact number of affected employees is yet to be determined, preliminary estimates suggest that as many as 100,000 individuals may have been impacted. The Province says that it will provide more precise figures as the investigation progresses.
“We know people are concerned, and we are, too. We are now working to identify each person who has been impacted, and once we do, we will notify them,” said Cyber Security and Digital Service Minister Colton LeBlanc. “We’re working as quickly as we can. We will continue to provide updates as we learn more.”
The process of notifying affected individuals will commence in the following days and continue over the coming weeks. A dedicated team will manually review each file to identify those involved. In the meantime, current and former employees are advised to closely monitor their banking information for any suspicious transactions and consider contacting their financial institutions proactively.
To mitigate the potential repercussions of the breach, the Province will offer credit monitoring services to those impacted. Further details on this service will be provided as soon as possible.
The MOVEit file transfer service was temporarily taken offline on June 1 for a security update. Subsequently, on June 2, it was further suspended to complete the ongoing investigation. Following the completion of additional security measures and monitoring, the service was restored late Monday afternoon, June 5.
In light of this incident, the Province warns the public about potential scammers who may try to exploit the situation. The Province will never request social insurance numbers, MSI numbers, banking information, or money when notifying affected individuals.
Individuals who suspect that their accounts may have been compromised are strongly advised to immediately change their passwords and update any available browsers, applications, and software on their devices. Additionally, closely monitoring banking and credit card records and notifying financial institutions should be considered as precautionary measures.