More than 800 web pages run by the NHS have been compromised by hackers, redirecting visitors to malicious websites serving up adverts and malware.
The problem was discovered by a user of social news platform Reddit. The user, Muzzers, discovered the attack and said over 800 URLs belonging to the NHS had been compromised.
"While attempting to access flu shot information I stumbled upon a page which redirected me to an advertisement. Digging a bit deeper I found hundreds more pages which redirect to either an advertisement or malware-infested page," Muzzers posted on Reddit.
"It seems that many pages include these malicious script tags, which then kicks off the whole ordeal. Hiding the script under a malicious url googleaspis.com instead of a valid googleapis.com."
The problem affected users over Sunday night but wasn't fixed until Monday. In a statement, a spokeswoman for NHS Choices said a coding error was to blame for the redirection to a malware site. A simple misplaced letter "s" in a domain embedded in the code caused the error, as a developer had typed googleaspis.com instead of googleapis.com.
"Routine security checks alerted us to this problem on Monday morning at which point we identified the problem and corrected the code," said the spokeswoman.
"We can confirm that this problem has arisen due to an internal coding error and that NHS Choices has not been maliciously attacked. NHS Choices is treating this issue with urgency and once resolved we plan to undertake a thorough and detailed analysis to ensure that a full code review is undertaken and steps put in place to ensure no recurrence."
All the links have now been fixed by the NHS Health and Social Care Information Centre (HSCIC).
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
NHS supplier hit with £3m fine for security failings that led to attackNews Advanced Computer Software Group lacked MFA, comprehensive vulnerability scanning and proper patch management
-
Cyber attack delayed cancer treatment at NHS hospital
News A cyber attack at Wirral University Teaching Hospital in 2024 delayed critical cancer treatment for patients, documents show.
-
Alder Hey Children’s Hospital confirms hackers gained access to patient data through digital gateway serviceNews Europe’s busiest children’s hospital confirmed attackers were able to steal data from a compromised digital gateway service
-
Major incident declared as Merseyside hospitals hit by cyber attackNews The incident, which has led to cancelled appointments, is just the latest in a series of attacks on healthcare organizations
-
Thousands of procedures canceled at London hospitals as Qilin releases blood test dataNews The attack on blood testing company Synnovis continues to affect patients, while the ransomware group follows through with its threats
-
Ransomware group threatens to publish 3TB of stolen NHS Scotland data after posting proof of attackNews NHS Dumfries and Galloway has confirmed some of the sensitive data stolen during the 15 March attack has been published by a known ransomware operator
-
Attack on third-party software vendor disrupts NHS ambulance servicesNews The ambulance services serve more than 10 million people across the south of England
-
NHS data leak raises ‘serious questions’ about Manchester University cyber attackNews NHS patient data used for research purposes is believed to have been compromised in the June attack
