While it is not known if the hacker found any buyers, the BBC's security team responded to the issue on Saturday and believes it has secured the site, according to a person familiar with the cleanup effort.
A BBC spokesman declined to discuss the incident. "We do not comment on security issues," he said.
It is not known whether the hackers stole data or caused any damage in the attack, which compromised a server that manages an obscure password-protected website.
The attack was first identified by Hold Security LLC, a cybersecurity firm in Milwaukee that monitors underground cyber-crime forums.
The firm's researchers observed a notorious Russian hacker known by the monikers "HASH" and "Rev0lver," attempting to sell access to the BBC server on December 25, according to the company's founder and chief information security officer, Alex Holden.
"HASH" sought to convince high-profile hackers he had infiltrated the site by showing them files that could only be accessed by somebody who really controlled it, Mr Holden said.
So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC.
It is common for hackers to buy and sell access to compromised servers on underground forums.
Buyers view the access as a commodity that grants them the chance to further penetrate the victim's organisation. They can also use compromised servers to set up command-and-control centres for cyber-crime operations known as botnets, run spam campaigns or launch denial of service attacks to knock websites off line.