The BBC is the world’s leading public service broadcaster. We’re impartial and independent, and every day we create distinctive, world-class programmes and content which inform, educate and entertain millions of people in the UK and around the world.
Sky connects and entertains millions of people across Europe. At the heart of everything we do, is a belief that people deserve better. For decades, we’ve shaken up every category we entered to give people what they love, to make life a little easier and to provide great value. That’s how we bring millions of customers the joy of a better experience in TV, broadband and mobile. In TV, we offer the best sports coverage, unmissable TV and the smartest ways to stream and aggregate the TV you love. In broadband, we power homes and businesses, with a fast, reliable connection. In mobile, we bring people closer, with plans at unbeatable value. And now, you can even keep your home connected and protected, through our smart insurance. We design our products to fit seamlessly into your life, with service whenever and however you need it. That’s how we do better for customers. And we believe in better for society too. We power the cultural economy in the UK and beyond, making award-winning news, original sport, and entertainment. We contribute billions to UK GDP, creating and sustaining thousands of jobs and sharing both our journalism and our coverage of the arts, free of charge. We are cutting emissions and making recyclable, energy-efficient products, and we give back, through free internet access and digital skills for under-served communities and young people. Sky is owned by Comcast Corporation, a global media and technology company.
Security & Compliance Standards Overview
BBC has 0.0% fewer incidents than the average of same-industry companies with at least one recorded incident.
No incidents recorded for Sky in 2025.
BBC cyber incidents detection timeline including parent company and subsidiaries
Sky cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).
