Adrian Johnson
TLDR:
- The BBC suffered a data breach impacting current and former employees.
- About 25,000 people were affected, compromising personal information such as full names, national insurance numbers, and addresses.
The BBC has disclosed a data security incident involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members. The incident impacted roughly 25,000 people, including current and former employees of Britain’s national public service broadcaster. The compromised data includes full names, national insurance numbers, dates of birth, sex, and home addresses. The incident did not expose people’s telephone numbers, email addresses, bank details, financial information, and ‘myPension Online’ usernames and passwords. Impacted individuals will be contacted via email or post, while those not receiving a notification should consider themselves not affected. The UK’s Information Commissioner’s Office (ICO) and the Pensions Regulator have been informed. The BBC has apologized for the incident and advised pension members to remain vigilant. They encourage caution with unsolicited communications asking for personal information. A FAQ page has been published by the BBC with guidance on security measures and credit monitoring services. The type of security incident and any ransomware involvement have not been disclosed at this time.
Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.
