The Sellafield nuclear waste site has pleaded guilty to criminal charges brought by the industry regulator, admitting to significant cyber security failings over a four-year period that put sensitive information at risk.
Lawyers acting for the state-owned Sellafield Ltd – which is working on behalf of the Nuclear Decommissioning Authority (NDA) to manage the Sellafield nuclear waste facility in Cumbria – pleaded guilty to all three charges brought by the Office for Nuclear Regulation (ONR), telling a London magistrates’ court that while the organisation “had in place systems of cyber security, those systems were not sufficiently adhered to for a period”.
One of the criminal charges revolved around Sellafield’s failure to “ensure that there was adequate protection of sensitive nuclear information on its information technology network”, while the other two related to failures to conduct “annual health checks” of its IT systems.