Researcher at global cybersecurity company reacts to BBC data breach

30 May 2024 by David Sancho, Senior Antivirus Researcher, Trend Micro

David Sancho, Senior Antivirus Researcher at global cybersecurity company Trend Micro, comments on the news that the BBC has fallen victim to a data breach via a compromise of the BBC pension scheme, with more than 25,000 current and former employees having their data exposed, including national insurance numbers and home addresses.

"While details are light at this stage, we can already make educated estimates about the cause of the BBC Pension Scheme data breach and what could happen next.

"The BBC’s statement describes the breach occurring as a result of data being copied from an online data storage service. My interpretation of that statement is that malicious actors broke into said online data storage service, using stolen credentials, to access and exfiltrate the data. This comes off the back of the BBC falling victim to a ransomware attack last summer – highlighting the major target that large, well-known organisations have on their back as far as cyber criminals are concerned. However, it’s worth noting that the BBC has been explicit that no ransomware is involved in this specific breach.

"We probably haven’t heard the last of this breach. The likelihood that the data will be placed for sale on the dark web is, unfortunately, high and it could be subsequently used by scammers and hackers. Personally identifiable data, like home addresses and national insurance numbers, could inform more sophisticated and personalised cyber-attacks targeting affected BBC pension scheme members. There could be TV presenters and high-profile people among them, targeted specifically with extortion schemes. Ultimately, those impacted by the breach will need to exercise extra vigilance over the coming months. When hackers come into possession of sophisticated data – they can often wait until using that data to strike with a targeted attack when the intended victim could feasibly have their guar