The BBC received an unwanted gift for the holidays, an unwanted intruder. The famous national broadcaster had a computer server of theirs hacked by a Russian criminal using the handles “Hash” and “Rev0lver.” It is unknown if they had any customers, but the criminal had attempted to sell illegal access to the server.
Michigan based cyber security company Hold Security LLC, which monitors security breaches by searching for blackmarket stolen data that's for sale and traces it back to its source, was first to publicize the attack. The company had been keeping tabs on the infamous villain “Hash,” when they made the discovery.
Alex Holden, chief information security officer at Hold Security, stated publicly regarding the stolen data (via BBC News):
“The only other information that I can offer is that the hacker was offering a screenshot proving that he had administrative access to the BBC server. It was solid technically convincing evidence.”
The hacker reportedly gained access to the server by infiltrating a file transfer protocol (ftp) server, which is usually used to transfer larger data files over the internet.
While this may seem mundane, that ftp server could be used to gain much wider access to other information in BBC’s system.
Professor Alan Woodward from the University of Surrey's Department of Computing, explained to BBC News:
"The bigger worry is that FTP servers are connected to the remainder of the network and often have easy access to other servers to facilitate internal file transfers, which is how a hacker can then use this as a jumping off point to explore other servers on the network.”
The BBC has refused to acknowledge the incident.
A BBC spokesman said: "We do not comment on security issues."
Whatever...you had better get it together over there BBC.
© 2025 Classicalite All rights reserved. Do not reproduce without permission.
