News release

Update on MOVEit Global Security Breach

Cyber Security and Digital Solutions

The Province has determined that the personal information of many employees of Nova Scotia Health, the IWK Health Centre and the public service has been stolen in the MOVEit global cybersecurity breach.

So far, the provincial investigation indicates that social insurance numbers, addresses and banking information were stolen. The amount and type of information depends on the employer. This information was shared through the MOVEit file transfer service because this service is used to transfer employee payroll information.

The information of past employees of Nova Scotia Health and the public service may also have been stolen.

The investigation has not yet determined how many employees have been impacted, but initial estimates suggest as many as 100,000. This number could go up or down. The Province will provide more specific numbers as the investigation continues.

“We know people are concerned, and we are, too. We are now working to identify each person who has been impacted, and once we do, we will notify them,” said Cyber Security and Digital Service Minister Colton LeBlanc. “We’re working as quickly as we can. We will continue to provide updates as we learn more.”

Notification will begin in the coming days and continue over the coming weeks, as staff manually go through each file and identify the people involved. Current and former employees should watch their banking information closely and look for suspicious transactions. They may wish to contact their banking institution proactively.

The Province will be offering credit monitoring service to those impacted. More information will be shared as soon as possible.

The MOVEit service went back online late Monday afternoon, June 5. Additional security updates and monitoring have been installed.

Quick Facts:

  • MOVEit was taken offline June 1 for a security update, then taken offline again on June 2 for further investigation
  • scammers often use incidents like this to prey on people; the Province will not ask for social insurance numbers, MSI numbers, banking information or money when it notifies impacted Nova Scotians
  • in general, Nova Scotians who think they have been hacked should immediately change passwords and update any versions of browsers, apps and software available for their devices
  • people should also watch their banking and credit card records and consider notifying their financial institutions

Additional Resources:

Updates and information on this breach, including advice for potential victims, is available at: https://novascotia.ca/privacy-breach/

General cyber-safety information is available at: https://www.getcybersafe.gc.ca/en