Reports concerning an incident involving Nova Scotia Health Employees’ Pension Plan (NSHEPP) in Canada are part of the Accellion breach that has been in the news since January. NSHEPP has posted a number of notices and updates on their site. It is not yet confirmed whether their data was actually exfiltrated by the attackers or not, so it is best to err on the side of caution and assume that it was.
Taryn Grant reports:
Personal data tied to over 50,000 current and former health-care workers in Nova Scotia may have been accessed during a recent security breach through their pension plan.
Members are now being advised to sign up for a credit monitoring and fraud protection service.
In a series of notices that were posted online last month, the operators of the Nova Scotia Health Employees’ Pension Plan said it was possible for data on a third-party email server to be accessed over a two-month period, from Nov. 25, 2020 to Jan. 25, 2021.
Read more on CBC.
As a reminder: Here is a list of Accellion clients who have issued statements confirming that they were impacted by the Accellion attack or whose names have shown up on CLOP threat actors’ leak site for allegedly refusing to pay CLOP’s extortion demands.