BBC employees exposed after pension scheme hack


Current and former BBC employees had their details exposed after a data breach impacted the organization’s pension scheme, The Guardian has reported.

The British public service broadcaster launched an investigation after attackers penetrated its pension scheme. Reportedly, over 25,000 current and former BBC employees were exposed in the attacks.

The corporation told impacted individuals that it's taking the incident “very seriously,” The Guardian reported. In a letter to impacted individuals, seen by local media, the broadcaster did not specify the nature of the attacks, only confirming that attackers copied data from online data storage.

Exposed details include names, dates of birth, home addresses, National Insurance numbers, and other details. Losing personal details to attackers poses significant risks, as impersonators can use the stolen data in tandem with names for identity theft.

According to the BBC, its pension scheme benefits over 50,000 people, which means a large chunk of its members have had their details revealed. Exposing journalists' names and home addresses could have an additional negative impact, given the nature of the occupation.

David Sancho, Senior Antivirus Researcher at Trend Micro, says attackers likely used stolen credentials to access and exfiltrate the data. Since the BBC is a well-recognized brand, employing many high-profile personas, the attackers will likely try to benefit from the stolen data, he explained.

“The likelihood that the data will be placed for sale on the dark web is, unfortunately, high and it could be subsequently used by scammers and hackers. Personally identifiable data, like home addresses and national insurance numbers, could inform more sophisticated and personalized cyber-attacks targeting affected BBC pension scheme members,” Sancho said.

Last June, BBC employee details were also exposed after attackers breached a third-party payroll service provider. Attackers obtained the details by exploiting the MOVEit Transfer zero-day vulnerability. Microsoft attributed the campaign exploiting the flaw to the Cl0p ransomware gang.