Unlock the Editor’s Digest for free
The state-owned operator of the UK’s largest nuclear waste site is set to be prosecuted by the industry watchdog over alleged IT security breaches.
The Office for Nuclear Regulation said on Thursday that it was taking Sellafield Ltd to court over alleged offences between 2019 and 2023 under the Nuclear Industries Security Regulations 2003. The move marks the first prosecution brought by the ONR under the regulations.
Sellafield Ltd, which is owned by the UK’s Nuclear Decommissioning Authority, is in charge of cleaning up and looking after the Sellafield nuclear waste facility in West Cumbria, north-west England.
Set up in 2005, the NDA is a non-departmental public body that reports to the Department for Energy Security and Net Zero.
The 6 sq km site in Cumbria holds waste from the UK’s current active fleet of nuclear power plants, as well as from closed plants, including the former fleet of Magnox reactors.
It holds the world’s largest stockpile of plutonium, a byproduct of nuclear power production, and is described by the ONR as “one of the most complex and hazardous nuclear sites in the world”.
In a statement announcing the charges on Thursday, the ONR said there was “no suggestion public safety has been compromised”.
Sellafield Ltd confirmed it had been notified of the ONR’s intention to prosecute but declined to comment further, citing active court proceedings.
Further details of the charges have yet to be set out, with the date of the first court hearing not yet published.
However, one person familiar with the case said the charges were not related to a recent investigation by The Guardian newspaper, which alleged cyber security failings, including that Sellafield’s IT systems had been hacked by groups linked to Russia and China.
In response to The Guardian’s investigation, Sellafield Ltd in a statement said it had “no records or evidence” to suggest its networks had been attacked “in the way described by The Guardian”. The company added that it had a “high degree of confidence that no such malware exists on our system”.
In a letter to NDA chief executive David Peattie after The Guardian investigation was published, energy secretary Claire Coutinho described the allegations as “worrying” and asked for “assurance that cyber security threats are treated with highest level of priority”.
The public spending watchdog in February said it was reviewing Sellafield’s approach to cleaning up the site, including whether it was “managing and prioritising the risks and hazards of the site effectively”. The review by the National Audit Office is continuing.
Mark Neate, director of environment, safety and security at Sellafield, said in January he would step down this year because it was the “right time for me to move on”.
Sellafield said his departure was not related to The Guardian’s allegations.
The energy security department said safety and security at former nuclear sites was “paramount and we fully support the Office for Nuclear Regulation in its independent role as regulator”.
Also Read More: World News | Entertainment News | Celebrity News
