A year-long investigation conducted by The Guardian has revealed that Sellafield, the UK's most hazardous nuclear site, has been hacked into by cyber groups closely linked to Russia and China. The senior staff at the nuclear waste and decommissioning site have consistently covered up the potential effects of the breach. The authorities do not know precisely when the IT systems were first compromised, but sources suggest that breaches were detected in 2015. It is still unknown if the malware has been eradicated, which may mean that some of Sellafield's most sensitive activities have been compromised. The full extent of any data loss and ongoing risks to systems was made harder to quantify due to Sellafield's failure to alert nuclear regulators for several years.
Furthermore, sources at the Office for Nuclear Regulation (ONR) indicate that Sellafield was placed into "special measures" last year due to consistent cybersecurity failings. The ONR confirmed that Sellafield is not meeting its cyber standards and that individuals there are understood to be being prosecuted for cyber failings.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 4,350 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.