U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

BBC disclosed a data breach impacting its Pension Scheme members

The BBC disclosed a data breach that exposed the personal information of BBC Pension Scheme members. The BBC disclosed a data breach that occurred on May 21. Threat actors gained access to files on a cloud-based service belonging to the British public service broadcaster. “The BBC’s information security team has alerted us to a data […]

BBC

The BBC disclosed a data breach that exposed the personal information of BBC Pension Scheme members.

The BBC disclosed a data breach that occurred on May 21. Threat actors gained access to files on a cloud-based service belonging to the British public service broadcaster.

“The BBC’s information security team has alerted us to a data security incident, in which some files containing personal information of some BBC Pension Scheme members were copied from a cloud-based storage service. The files include some Pension Scheme members’ personal information including details such as names, National Insurance numbers, dates of birth and home addresses.” reads the announcement. “The data files involved were copies and there is therefore no impact to the operations of the Scheme which continues as normal.

The incident did not impact the operation of the pension scheme portal, users can continue using it.

The incident exposed the personal information of approximately 25,000 BBC Pension Scheme members, including current and former employees.

The compromised data includes Full names, National Insurance numbers, Dates of birth, Sex, and Home addresses.

The British public service broadcaster investigated the incident with the help of external experts and have already put in place additional security measures. The experts have identified the security breach’s cause and secured it.

The company is contacting all impacted members by either email or post. 

At this time, the company has no evidence that the compromised files have been misused.

“Whilst there is no specific action affected members need to take, it is always important to be alert to data and cyber security.” continues the announcement.

Members are advised to be cautious of any unsolicited communications requesting personal information or unexpected actions, including letters, calls, texts, emails, and web page referrals. The company recommends avoiding responding to, clicking on links, or downloading attachments from suspicious emails.

The company notified the UK’s Information Commissioner’s Office (ICO) and the Pensions Regulator.

BBC did not provide details about the security breach, it confirmed that investigations are ongoing, but at this stage they do not know who is behind the attack.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Known Exploited Vulnerabilities catalog)