The head of Canada’s cyber-defence agency is offering some insight just weeks after a ransomware attack against Nova Scotia Power.

The utility’s computer systems were breached by ransomware hackers on March 19, but Nova Scotia Power did not discover it until April 25. The company disclosed the cybersecurity incident three days after that.

About 280,000 customers — more than half of the utility’s customers in the province — were informed by letter that their personal information may have been compromised in the attack. The data included names, addresses, phone numbers, birth dates, driver’s licences, social insurance numbers and banking information.

On Thursday, the Nova Scotia Energy Board granted approval to Nova Scotia Power to move forward with a $1.8-million project to improve cybersecurity.