News release

Significant Progress Made in Cybersecurity Breach Investigation

Cyber Security and Digital Solutions

The Province announced today, June 14, that it is making significant progress in identifying groups of people and organizations impacted by the MOVEit global cybersecurity breach.

The investigation is in the early stages of identifying the individuals affected, and notification letters will start going out at the end of the week.

“Now that we have a better understanding of those impacted, we can start sending letters out to Nova Scotians who have had personal information breached,” said Cyber Security and Digital Solutions Minister Colton LeBlanc. “The letters will include information about the arrangements we have made for a free fraud protection and credit monitoring service. We urge everyone who is impacted to register. “I want to remind all Nova Scotians that identity theft is a sad reality in the digital age. Whether you have been impacted by this breach or not, please keep a close eye on your financial transactions, change your passwords regularly, and take steps to protect yourself.”

Since the last update, the Province has found more members of the public and the public service have been affected by the breach, including:

  • about 13,000 active employees of regional centres for education and the Conseil scolaire acadien provincial. This includes teachers, as well as administrative, human resources and finance staff. Information breached includes name, address, social insurance number, pension payment amounts and gender. This is different from the list of certified and permitted teachers announced Friday, June 9, although there may be overlap.

  • about 480 individuals in the Prescription Monitoring Program. This includes health card number, personal health information and demographic information. This is an update to the 60 people announced Friday.

  • about 17,500 water and tax bill accounts with the Region of Queens Municipality, including name, address, account number, payment amount and balance owing. This does not include other financial information.

  • just more than 100 patients who visited the early labour and assessment unit at the IWK Health Centre. The personal health information breached was limited – name, date and time of visit, and reason for visit.

  • five students from a Department of Labour, Skills and Immigration file have had their name, address, social insurance number, phone number and date of birth released; two students have had their name, institution and student ID number released.

Elections Nova Scotia’s voters list was also on MOVEit so it could be shared with political parties. But this file was shared in a way that made it inaccessible, and the investigation has indicated it was not compromised.

While the Department of Cyber Security and Digital Solutions is reviewing files impacted by the breach, individual government departments and organizations that use MOVEit were sent their files to review and notify people accordingly. For example, Halifax Water notified approximately 25,000 customers that their names and account numbers were part of the breach.

The duplication of names has made it challenging to get the definitive number of individual Nova Scotians impacted. The number also changes as files are reviewed. For example, the number of recipients of Nova Scotia pensions whose name, date of birth and demographic information were compromised has changed to 900 from the 1,400 reported last week. Also, the number of incarcerated Nova Scotians whose prisoner ID number, name, gender, date of birth and incarceration status were compromised has increased to 655 from 500.

Quick Facts:

  • the breach took place May 30-31, before the Province was aware of the vulnerability
  • MOVEit was taken offline June 1 for a security update, then taken offline again on June 2 for further investigation; it has been updated and additional monitoring is in place
  • there were more than 5,800 folders involved, each with multiple files and records in them
  • it will take many weeks to identify all the individuals affected and send notification letters to them
  • scammers often use incidents like this to prey on people; the Province will not ask for social insurance numbers, MSI numbers, banking information or money when it notifies impacted Nova Scotians

Additional Resources:

Updates and information on this breach, including advice for potential victims of the breach, is available at: https://novascotia.ca/privacy-breach/

People can get information on protecting their social insurance number and what to do if it is compromised at: https://www.canada.ca/social-insurance-number

Information on what steps to take to protect the identity of a deceased loved one: https://www.canada.ca/en/services/benefits/notify-government-death.html

General cyber-safety information is available at: https://www.getcybersafe.gc.ca/en

Follow Us