1. Forum
  2. FidoNet
  3. CONSPRCY

  • NHS Scotland domains repo

    From Mike Powell@1:2320/107 to All on Thursday, April 09, 2026 09:49:06
    NHS Scotland domains reportedly found serving adult content and illegal sport streams

    Date:
    Thu, 09 Apr 2026 09:58:04 +0000

    Description:
    A legacy website was compromised and used to promote inappropriate content,
    but has since been defaced.

    FULL STORY
    The legacy website of a Scottish NHS
    trust was seemingly hacked and used to distribute pornography, illegal sports streams, and other inappropriate content.

    Former cybersecurity expert Nick Hatter took to X to warn the UK government
    and other relevant parties about a breach at a government website:
    NHSScotland has been hacked and is linking to porn sites, malware, gambling, amongst other nasty things, he said, before sharing a list of compromised
    URLs. Please check your patient records have not been compromised, he added.

    Defaced website -- Investigating the matter further, The
    Register found the site belongs to The New Surgery in Kilmacolm, near
    Glasgow, but that it is not the one currently being used by the practice.

    The New Surgery's current domain is www.thenewsurgery.scot.nhs.uk, while the compromised one is thenewsurgery-kilmacolm-langbank.scot.nhs.uk. Looking at
    the website now, it is completely defaced, and carries a large NHS Scotland logo with a short message:

    Due to unforeseen technical issues, the "The New Surgery (Kilmacolm)" website is currently unavailable. We are working to resolve the issues and hope to
    have the site back up as soon as possible. Someone has obviously taken
    notice.

    A spokesperson for the NHS Greater Glasgow and Clyde (NHSGGC), Scotland's largest health board and the one that oversees The New Surgery, told The Register its cybersecurity team was now working with Public Services Delivery Scotland's Cyber Centre of Excellence to support an independent GP practice after being made aware that a legacy website had been compromised.

    This affects a legacy website that was independently set up and managed by
    the GP practice, and there is no evidence the practice's primary website, or any NHS Scotland systems locally or nationally, were compromised."

    The NHS National Services Scotland (NSS), which administers the scot.nhs.uk domain, said its not aware of any personal or sensitive data exposed as a result of the incident. Primary websites, as well as NHS Scotland systems locally and nationally, have not been compromised.

    Link to news story: https://www.techradar.com/pro/security/nhs-scotland-domains-reportedly-found-s erving-adult-content-and-illegal-sport-streams

    $$
    --- SBBSecho 3.28-Linux
    * Origin: Capitol City Online (1:2320/107)