So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC, Holden said.
It is common for hackers to buy and sell access to compromised servers on underground forums.
Buyers view the access as a commodity that grants them the chance to further penetrate the victim organization. They can also use compromised servers to set up command-and-control centers for cyber-crime operations known as botnets, run spam campaigns or launch denial of service attacks to knock websites off line.
(Read more: Hackers' next target? Maybe your facility's control systems)
The BBC offer stands out because the media company is such a high-profile organization, Holden said. "It's definitely a notch in someone's belt."
BBC has some 23,000 staff and is funded largely by license fees paid by every British household with a television.
Justin Clarke, a principal consultant for the cybersecurity firm Cylance Inc, said that while "HASH" was only offering access to an obscure ftp server, some buyers might see it as a stepping stone to more prized assets within the BBC.
"Accessing that server establishes a foothold within BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources," he said.
Media companies, including the BBC, have repeatedly been targeted by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts.
Last January the New York Times reported that it had been repeatedly attacked over four months by Chinese hackers who obtained employees' passwords.