Cyber Incident Victim: British Broadcasting Corporation
Date:
Dec 2015
Location:
United Kingdom
Summary
The BBC experienced a widespread outage across its websites and associated services, including iPlayer and iPlayer Radio, due to a distributed denial of service attack that overwhelmed its infrastructure with excessive traffic. Visitors encountered error messages as the attack disrupted normal operations for several hours, with partial functionality restored gradually and full normal operations confirmed later that day. The organization acknowledged the disruption as a technical issue during the incident and apologized for the inconvenience, though it did not explicitly confirm the attack's role in the outage. Social media users expressed frustration over the downtime, highlighting the prolonged restoration efforts for some pages and indexes.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 31, 2015, the BBC's digital services experienced widespread disruption beginning at approximately 0700 GMT when all BBC websites became inaccessible to visitors. The outage manifested as error messages replacing normal webpage content across the corporation's primary online properties. Internal sources attributed the incident to a distributed denial of service (DDoS) attack, though the BBC's initial public communications characterized it as a "technical issue" in a statement posted via Twitter. The attack simultaneously affected multiple critical services beyond the main BBC website, including the iPlayer video-on-demand platform and the iPlayer Radio application, rendering them nonfunctional. This coordinated disruption stemmed from attackers overwhelming BBC infrastructure with excessive traffic volumes beyond system capacity thresholds, a hallmark technique of DDoS operations.
Technical restoration efforts progressed unevenly throughout the morning, with core website functionality largely returning by 1030 GMT, though residual performance issues persisted in specific sections and index pages that loaded slower than usual. The BBC confirmed full service restoration at midday through an official statement declaring operations had returned to normal, accompanied by an apology for user inconvenience. Public reaction on social media platforms reflected significant user frustration regarding both the duration of the outage and the delayed service recovery. Historical context revealed prior infrastructure vulnerabilities, notably a July 2014 incident where iPlayer services remained offline for nearly 48 hours due to database failures, though no technical connection between these separate events was established in available reporting. The BBC did not publicly confirm or deny the DDoS attack hypothesis in its final communications regarding the disruption.