Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

BBC Data Breach Impacts 25,000 Employees

The BBC has disclosed a data breach impacting over 25,000 current and former employees, but the incident did not involve ransomware.

The BBC is informing current and former employees about a data breach discovered by its information security team.  

The UK media giant said it detected a “data security incident” involving files that stored information on BBC Pension Scheme members. 

The files, copied by an unidentified entity from a cloud storage service, included information such as names, National Insurance numbers, home addresses, and dates of birth.

The BBC said information such as phone numbers, email addresses, usernames, passwords, bank accounts or other financial information have not been exposed. The Pension Scheme website and the member portal were not impacted. 

“It is also important to note that analysis undertaken by our specialist teams currently shows no evidence that the affected files have been misused,” the BBC said, adding, “The data files involved were copies and there is therefore no impact to the operations of the Scheme which continues as normal.”

The Guardian learned that more than 25,000 current and former employees are impacted by the data breach. 

The BBC said there is no indication that this was a ransomware attack, but it has not provided any other information about the incident. 

This is not the first time the BBC has been impacted by a data breach. Last year, the company was one of the many victims of the MOVEit hack, in which cybercriminals exploited a zero-day vulnerability to steal data from hundreds of organizations. 

Advertisement. Scroll to continue reading.

Related: Media Giant News Corp Discloses New Details of Data Breach

Related: The UK Says a Huge Payroll Data Breach by a ‘Malign Actor’ Has Exposed Details of Military Personnel

Related: Christie’s Confirms Data Breach After Ransomware Group Claims Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

More People On The Move

Expert Insights