Voldemort causes havoc at Sellafield – nuclear risks and insurance policies

26 January 2024

Sellafield is a nuclear decommissioning and waste management site. Located in Cumbria, UK it has the largest store of plutonium on the planet and is a rubbish dump for nuclear waste from weapons programmes and decades of atomic power generation.

Radioactive waste leak

In December 2023, the Guardian (beating Rita Skeeter to the story) revealed that Sellafield nuclear site has a leak from a large silo of radioactive waste, risking contaminating groundwater and impacting public health. Nuclear safety, asbestos and fire standard issues were also identified. Safety concerns are said to include lack of functioning alarms at some storage ponds containing nuclear materials and a string of contamination and radiation protection incidents.

David Peattie CEO of the Nuclear Decommissioning Authority said in response to a letter from the Secretary of State Department for Energy Security and Net Zero regarding the allegations made by the Guardian:

“In September 2019 further evidence of a leak was detected. We do not know the exact location of its origin however we know it emanates from the oldest part of the facility which is constructed of six single skin concrete structures which are all hydraulically linked. Whilst Sellafield is undertaking work to try and identify the exact source of the leak, our default position is to assume that it will stop when the waste and hence the water from the entire facility has been emptied. We have explored the feasibility of removing the water in advance of waste retrieval but to do so would create further difficulties.”

Safety concerns have caused diplomatic tensions with The United States, Norway and Ireland. A 2001 EU report warned that an accident at Sellafield could be worse than Chernobyl, due to it containing significantly more radioactive material.

Cybersecurity concerns

The Guardian has also reported that insecure servers at the site, nicknamed ‘Voldemort’ after the Harry Potter villain, contain highly sensitive data. Alleged cybersecurity and hacking incidents by groups linked to Russia and China, have no magic fix and could be exploited by Britain’s enemies.

It is alleged that Sellafield failed to alert nuclear regulators that its IT systems had been compromised for several years. Last year, it was placed into a form of “special measures” for consistent failings on cybersecurity. The Office for Nuclear Regulation (ONR) is believed to be preparing to prosecute Sellafield for cyber failings.

David Peattie responded to these allegations stating that:

“we have no record or evidence of any such cyber-attack which resulted in malware on Sellafield systems.”

What does this mean for the insurance industry?

Private sector insurance is (unsurprisingly) unavailable for a number of risks at Sellafield. Rutherford Indemnity Ltd, a wholly owned subsidiary of the Nuclear Decommissioning Authority, provides a number of indemnities in relation to the site.

However, there is clearly potential for widespread public health implications and environmental damage. Radiation exposure causes a range of health issues including nausea, vomiting, cardiovascular disease, cataracts and cancer.

Sellafield highlights the unique risks associated with nuclear facilities. Insurers should be aware of these risks and include comprehensive broad exclusions, where appropriate (in almost all policies), against nuclear losses. Time to check that nuclear exclusions are in all your policies and are robustly worded?

Adapting to change or falling behind? The FCA under fire from the National Audit Office