British govt health site directs visitors to malware

By

Mistyped URL blamed.

An "internal coding error" has been blamed after the web front-end to Britain's National Health Service (NHS) sent visitors to unrelated malware and advertising sites.

British govt health site directs visitors to malware

The bug saw more than 800 web links on the nhs.uk website send visitors to websites showing advertising and malware.

It was fixed by the NHS Health and Social Care Information Centre (HSCIC) on Monday afternoon.

HSCIC said an “internal coding error” caused users to be sent to a mistyped URL. It alleged the owner of the mistyped URL likely took advantage and registered the domain to serve ads and malware to the redirected NHS website visitors.

“We can confirm that this problem has arisen due to an internal coding error and that NHS Choices has not been maliciously attacked,” said a HSCIC spokeswoman on behalf of the NHS Choices website. 

Cigital principal consultant Paco Hope said the incident was proof that developers need to be diligent, not just with their code, but with website links too.

“On the Internet, typos do not go nowhere," he said.

"In this case a simple typo pointed innocent users to the domain owned by the hacker who was prepared and just waiting."

At the time of writing, most of the links had been corrected by the NHS HSCIC.

This article originally appeared at scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition
Tags:

Most Read Articles

ADHA readies market test of Accenture's $788m My Health Record deal

ADHA readies market test of Accenture's $788m My Health Record deal

Western Sydney University establishes dedicated data function

Western Sydney University establishes dedicated data function

DeepSeek faces ban from Apple, Google app stores in Germany

DeepSeek faces ban from Apple, Google app stores in Germany

SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift

Log In

  |  Forgot your password?