Hang on a mo...

I thought these routers/hubs could not be accessed remotely, apart from the backdoor that would be used by Plusnet/BT to update the firmware (TR069)

Yet BSC (as identified in the tracert) has breached the routers firewall, bypassed or was able to obtain the routers admin password so it could then sit on the OPs LAN to complete the trace route. A quick google shows that BSC is mentioned on a Plusnet Business Teams site

Due to the BSC name given it doesn't look like the OP was asked to join a remote session

If this is possible, why are we asked to post up these results if PN already can remotely carry out this task...? And more importantly if they can get that far in, what's keeping hackers and/or viruses out!!!

Should we be worried or am I missing something obvious???

TR-069 could also be used to change any setting on the router.

The trace itself looks like it was done from a Windows computer. Or it could have merely been an example, or Plusnet could have set up the OP's account on a test line in their offices and tested it there.

I know what you're saying, but it was either on the beta BT forums or possibly their replacement community ones where this (TR069) was discussed in detail with BT forum mods (staff). I know on one thread I mentioned that I had an unknown device on my lan when using a BTHH and was told by BT that they couldn't access our LAN. After deleting this unknown device it never returned... (I also named every device that I allowed to connect which ruled it out as being one of these)

It's how the OP has written their post that got my attention. It gives the impression that Plusnet have been checking the connection whilst the OP was using it and remotely accessed the LAN to complete the test.

I gave no permission for plusnet to access my lan. My router admin password was changed when I first had the router. I do have remote access enabled but I have set that password.

p.s. What's TR-069?

TR 069 is basically remote management - https://en.wikipedia.org/wiki/TR-069

Something just doesn't sound right to me.

What router are you using?

It's the router supplied by plusnet: Technicolor TG582n with an openreach modem.

from wikipedia ref tr-069:

The compromise of an ISP ACS server or the link between an ACS and CPE by unauthorized entities, including hackers and (domestic and foreign) government agencies, can give access to an entire ISP's subscriber base's routers (with TR-069 enabled). All the above-mentioned information and actions would be available to the potential attackers, including MAC addresses of all clients connected to the router, covert redirection of all DNS queries to a rogue DNS server, and even a surreptitious firmware update which may contain a backdoor to enable covert access from potentially anywhere in the world.[5] Through a recent study of TR-069 ACS implementations, Check Point's Malware and Vulnerability Research Group uncovered several flaws in solutions from ACS vendors, since some xSPs do not implement TR-069 ACS software in a secure manner.[6]

How does that traceroute compare with one that you do yourself?

Tracing route to bbc.co.uk [212.58.244.22]
over a maximum of 30 hops:

1 1 ms 2 ms 2 ms 192.168.1.254
2 10 ms 9 ms 9 ms lo0.central10.pcn-bng02.plus.net [195.166.130.249]
3 10 ms 11 ms 9 ms 411.be6.pcn-ir02.plus.net [84.93.253.79]
4 10 ms 10 ms 9 ms 195.99.125.144
5 13 ms 10 ms 10 ms peer2-et-1-3-0.telehouse.ukcore.bt.net [195.99.127.23]
6 11 ms 11 ms 11 ms 194.74.65.42
7 * * * Request timed out.
8 * * * Request timed out.
9 10 ms 16 ms 10 ms ae0.er02.telhc.bbc.co.uk [132.185.254.105]
10 15 ms 11 ms 13 ms 132.185.255.148
11 11 ms 11 ms 10 ms 212.58.244.22

Trace complete.

Sorry for the delay in replying, I'm disabled and got in to a bit of a predicament all good now fttb

I do recall BT being able to get to the openreach modem, as can the end user, so it could be from there where s/he gained those results - I am open to being corrected. If it was from your side of the router then it still doesn't appear to be right even if you have remote management on - though again open to being corrected.

I'm not saying you could or should, be possibly turning off remote management and say for example you need to gain access to a home PC whilst you're out, something like teamviewer may be something to consider - I have no commercial interest in teamviewer, it's something my son uses to gain access to his PC using his mobile phone when he's out. There are of course many others out there.