Office for Nuclear Regulation

This website uses non-intrusive cookies to improve your user experience. You can visit our cookie privacy page for more information.

Security breaches

Information requested

  1. How many times was security at Britain's nuclear power stations breached between 01/01/2013 and 31/12/2013?
  2. Please provide a location and short description of each security breach in 2013 (NB I am not looking for a detailed breakdown of the circumstances but information such as "person arrested for climbing fence", for example)
  3. How many incidents, if any, resulted in a police investigation?
  4. How many times was security breached in 2012/2011/2010.

Information released

  1. Reports of security events by operators of nuclear power stations are made under Regulation 10 (NISR 2003). In 2013, 42 reports were made under Regulation 10.

    It's worth noting that the vast majority of these reports were made as a result of a dutyholder's failure to comply with a certain aspect or procedure detailed in the approved site security plan. None of the events were categorised as being of major significance, 2 were moderate, 36 minor and 4 of no significance.

    Major events involve a total loss of defence in depth such that nuclear or other radioactive material, or SNI, is unacceptably vulnerable to theft or sabotage, or where malicious acts have been carried out against the site. Moderate events are those where there has been a significant departure from expected standards; this may involve loss of more than one layer of defence in depth. Minor events are where there has been a breach of standards or procedures that result in low risk to overall security regime. Events rated 'none' represent anomalies or other events which do not impact on the security regime.

    ONR encourages this reporting of minor events as it supports learning from experience within the industry, though in many cases, reports made under Regulation 10 have little or no impact on the overall security regime due to the inherent defence in depth that is built in the system. Typical examples include sending protectively marked information by email without the correct level of encryption or failures of security equipment such as CCTV or security door contact alarms. We are not aware of any events resulting in the loss/sabotage of nuclear/radiological material or compromise of any sensitive nuclear information. No reports were made under Regulation 10 in this period which, in the opinion of ONR, constituted a serious breach of security.
  2. With regard to the location and short description of each security breach requested, we have reviewed the information concerned and it is assessed as falling within the description of exempted information under Section 24 - National Security - of the FoI Act. This is a qualified exemption, so is subject to a public interest test.
  3. Over the period 2010-2013, we are only aware of two incidents in 2010 resulting in the police being called to the scene, but in neither case was a police investigation or prosecution considered necessary.
  4. In 2012 there were 121 reports made under Regulation 10 (0 major, 4 moderate, 107 minor and 10 of no significance). In 2011 there were 116 reports made under Regulation 10 (0 major, 6 moderate, 103 minor and 7 of no significance). In 2010 there were 145 reports made under Regulation 10 (0 major, 12 moderate, 128 minor and 5 of no significance).

Exemptions applied

FOIA - Section 24 - National Security

PIT (Public Interest Test) if applicable

Arguments for disclosure

There is a public interest in knowing about security breaches at nuclear sites.

Arguments against disclosure

Revealing information about specific breaches of security could enable the collation and trending of such data to indicate potential patterns, thereby leading to the identification of potential vulnerabilities.

Conclusion

It would not be in the public interest to reveal information that could lead to the commitment of a malicious act, so it is my view that the arguments favour withholding the information.