On June 1, 2023, the Government of Nova Scotia reported that the personal information it holds on file for some Nova Scotians was taken as part of a global security breach through a file transfer service called MOVEit. This system allows information to move efficiently within government and to outside partners.
The Government advised NS Pension that some of the data files it shares with us were impacted. We have been working closely with the Government by providing review and analysis of the identified impacted files.
The Government is coordinating communications and will be reaching out to impacted individuals with a personalized letter.
Protection of the personal information of our plan members and employers is a top priority for NS Pension and as such, we are continuing to monitor this situation very closely.
For more information, please visit the Government’s dedicated webpage regarding their breach: https://novascotia.ca/privacy-breach/
NS Pension and MOVEit
NS Pension also uses the MOVEit secure file transfer system. It is important to highlight that our MOVEit system is separate from the Government’s. Once MOVEit informed their global users, including us, of potential gaps in its software’s security, our IT staff applied all MOVEit’s recommended patches/upgrades and reviewed the system for any Indicators of Compromise (IoCs) or data breaches. To date, we have not detected any IoCs/data breaches in our own MOVEit system.
Cybersecurity safety tips
Cybersecurity is an issue for everyone, regardless of whether you are impacted by this breach or not. Steps you can take to protect yourself include:
-
only install applications on your devices from well-known companies
-
never share your password, always create strong passwords, and use multifactor authentication if available
-
regularly monitor your financial accounts and credit bureau information, e.g., TransUnion, Equifax.
-
limit your public computer use to non-sensitive transactions (Remember to log out of public computers when you finish using them.)
If you are concerned about the security of your personal information,
-
contact your financial institution and any other companies you transact with
-
contact TransUnion or Equifax and ask to have a fraud alert placed on your credit report