One employee’s click on a fake pop-up gave hackers access to a power company’s systems, exposing the data of hundreds of thousands of customers.
The attack took place at Nova Scotia Power, a major electricity provider in Canada. It started in March 2025 when an employee innocently clicked a pop-up on their PC. The employee, of course, believed the pop-up to be safe. However, this single click started a chain reaction: it enabled the hackers to install malware on the organization’s network. With the malware activated, they were able to establish a foothold inside the network.
The breach remained undetected for some time. When Nova Scotia Power became aware of the attack, they discovered that data for around 915,000 customers had been exposed.
One Single Click Spells Disaster
Once the attackers had gained their initial entry to the network, they took their time. Rather than striking at the first opportunity they had, they slowly expanded their access across the network. By downloading more malware tools, the attackers were able to move deeper within the company’s systems.
After about a month, they were able to access and harvest sensitive data from both internal networks and cloud storage. Information at risk included personal customer details, such as names and contact information. Worse still, the attackers were able to strengthen their attack by obtaining login credentials. This gave them greater control and enabled them to destroy backups and launch ransomware attacks.
At this point, the company started to experience major operational issues. Services were disrupted and customers began to grow concerned over the safety of their personal data. And what caused it all? That’s right, a single click on a pop-up which took the employee to a compromised website.
Three Simple Ways to Avoid the Same Trap
As of the time of this article, there has been no suggestion that any data has been leaked or that Nova Scotia Power paid any ransom fees. But the fact remains that the potential for a major data leak was huge. More worryingly, attacks such as this aren’t limited to large organizations; they could happen to a business of any size.
Pop-ups, fake alerts, and urgent messages are all designed to feel familiar. The hackers rely on people assuming they’re genuine prompts, all just part of the usual PC routine. This is why, sometimes, people click them.
Luckily, you don’t need to be an expert to protect yourself and your organization. Small changes in behavior can make a big difference:
- Be Suspicious of Pop-ups: Never assume that a pop-up on a PC is safe, especially if it’s urging you to complete an action. Instead, take a moment to look closely at the pop-up and evaluate if you think it’s safe. Even the slightest doubt should tell you that it’s time to check with an IT professional.
- Only Trust Official Updates: The simplest and safest way to update your software and devices is through your device settings and trusted apps. Emails demanding that you install urgent updates or suspicious websites urging you to download updates should never be trusted.
- Use an Ad Blocker: Want to stop pop-ups in their tracks? Just install an ad blocker. These tools, often found in the form of browser extensions, block pop-ups before you have a chance to see them, let alone click on one and trigger its malicious payload.
For more ways to secure and optimize your business technology, contact your local IT professionals.




