Hundreds of page of UK’s National Health Service (NHS) website were known to redirect users to malware infested website it has been revealed.
First noticed and reported by Reddit user Muzzers, over 800 pages of NHS website were either redirecting users to an advertisement or malware laden websites.
NHS claimed that the website wasn’t attacked or hacked, but an ‘internal coding error’ caused the issue. “An internal coding error has caused an incorrect redirect on some pages on NHS Choices since Sunday evening,” said NHS in a statement.
“Routine security checks alerted us to this problem on Monday morning at which point we identified the problem and corrected the code”, NHS added.
NHS has revealed that the coding error was due to a typo wherein a developer accidentally wrote “googleaspis.com” instead of “googleapis.com”. The typo wasn’t noticed until the domain was registered by someone in Czech Republic and utilised to capitalise on the error.
NHS has also revealed that once it ensures that the coding error has been resolved across the website, it will conduct a full review of the site and will put into place steps that will ensure that such issues don’t reoccur.
