An audit of Halifax Water by the Halifax Regional Municipality's auditor general has found deficiencies in the utility's cybersecurity, including employees clicking links in emails. As part of the audit, an email purporting to be from a legitimate source with a link, known as a phishing email, was sent to 55 employees of the utility to test their awareness of security protocols. According to the report, 45 employees clicked a link in the email and provided their credentials. Three others clicked the link but did not submit their credentials. Auditor General Evangeline Colman-Sadd's audit looked at supervisory control and data acquisition (SCADA) systems and made 21 recommendations for improving security.