THE UK NATIONAL HEALTH SERVICE (NHS) internet presence reportedly has been compromised, with over 800 website URLs having been hacked to serve malware or redirects to adverts.
A Reddit user who goes by the name of Muzzers spotted the attack, and claimed that there are over 800 NHS website URLs that have been compromised so far. At the time of writing it seems that the problem is still ongoing, so we'd advise avoiding NHS websites for now.
Muzzers said, "So while attempting to access flu shot information I stumbled upon a page which redirected me to an advertisement. Digging a bit deeper I found hundreds more pages which redirect to either an advertisement or malware infested page.
"It seems that many pages include these malicious script tags, which then kicks off the whole ordeal. Hiding the script under a malicious url googleaspis.com instead of a valid googleapis.com."
The NHS and Health and Social Care Information Center (HSCIC) have yet to respond to our request for comment. However, the NHS Choices Twitter account said that it is aware of the security issue, and is working on a fix.
Apologies to anyone having trouble navigating our website - we are aware of the issue and currently working to resolve it.— NHS Choices (@NHSChoices) February 3, 2014
However, another Reddit user who claimed to work for the NHS IT department said, "I work in the NHS IT dept, although no one here is dealing with it. They know and it's being actioned."
We've heard back from the NHS, which said a coding error was to blame for the issues. A spokesperson for NHS Choice told The INQUIRER, "An internal coding error has caused an incorrect re-direct on some pages on NHS Choices since Sunday evening," the statement said.
"Routine security checks alerted us to this problem on Monday morning at which point we identified the problem and corrected the code.
“We can confirm that this problem has arisen due to an internal coding error and that NHS Choices has not been maliciously attacked.
"NHS Choices is treating this issue with urgency and once resolved we plan to undertake a thorough and detailed analysis to ensure that a full code review is undertaken and steps put in place to ensure no reoccurrence."
The issue is expected to be fixed by Monday afternoon. µ
Or so says the rumour mill ...
Hello, feeling lucky? Sorry. What's your emergency?
Arrives just days after firm slams Android security as 'lacking' compared to BB10