BBC Suffers Christmas Server Breach

The BBC had one of its servers hacked and access to the machine was sold on underground forums on Christmas day, according to a report.

The broadcaster has declined to comment, but is believed to have fixed the issue with its website, ftp.bbc.co.uk, that allowed hackers to breach it, Reuters reported. It’s not clear what kind of files are handled over that server.

Hackers going by the names of “HASH” and “Rev0lver” were seen selling access to the server on 25 December, Hold Security researchers found.

BBC breached

It’s not uncommon for hackers to sell such access on underground forums. Often, such servers are used to either build up command and control infrastructure, or for further attacks on a target organisation.

“Accessing that server establishes a foothold within BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources,” warned Alex Holden, founder and chief information security officer of Hold Security.

There is currently no evidence data has been stolen from the server, even though HASH attempted to prove they had accessed the site by showing a file from the BBC machine to other forum users.

The BBC has been hit by hackers before. The Syrian Electronic Army claimed the major broadcaster as one of its scalps earlier this year, having hacked many other media organisations.

A freedom of information (FOI) request revealed in April the BBC had lost 785 tablets, laptops and mobiles over the last three years.

What do you know about Internet security? Find out with our quiz!