View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 4, 2014

UK NHS website error redirects visitors to malware site

Over 800 web pages on redirected users to malware hit pages.

By CBR Staff Writer

An ‘internal coding error’ on the NHS website redirected its users to malware-hit websites that pinched personal information from their PCs.

Hackers have flooded hundreds of URLs on the NHS website with malware, which reportedly compromised about 800 pages on the site sending users to websites that serve advertising and malware.

NHS said in a statement that the site had not been hit with malicious attacks and it had fixed the problem.

"An internal coding error has caused an incorrect redirect on some pages on NHS Choices since Sunday evening," the statement added.

"Routine security checks alerted us to this problem on Monday morning at which point we identified the problem and corrected the code."

"NHS Choices is treating this issue with urgency and once resolved we plan to undertake a thorough and detailed analysis to ensure that a full code review is undertaken and steps put in place to ensure no reoccurrence."

According to reports, hackers took advantage of ‘internal coding error’ that redirected users to the mistyped URL and then registered the mistyped URL to serve adverts and malware to inadvertently redirected visitors from the NHS Choices website since Sunday evening.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"Last night someone in the Czech Republic took ownership of the incorrectly spelt domain it was referring to; the correctly spelled one is actually owned by Google," the statement added.

"Although the typo existed in NHS Choices code, until the point the domain name was purchased, this was not causing any issues."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.