NHS Scotland-linked domains push pr0n and illegal streams • The Register
NHS Scotland-linked domains push pr0n and illegal streams • The Register
https://www.theregister.com/2026/04/08/scotland_nhs_domain_compromised/
Publish Date: 2026-04-08 06:00:00
Source Domain: www.theregister.com
Multiple domains belonging to Scottish healthcare providers have been hijacked and are now pushing links to adult content and illegal sports streams, according to a researcher.
First spotted by Nick Hatter, a former cybersecurity engineer turned psychotherapist and life coach, an influx of links hosted on a domain belonging to The New Surgery in Kilmacolm, near Glasgow, flooded Google’s index in recent days.
On closer inspection, some seem to have been created as far back as January.
The landing page for the domain is not the one currently used by the practice, but it was likely used previously, given the scot.nhs.uk namespace appears to belong to a US-based web developer as a guise for the illicit content it now hosts.
The Register asked NHS Greater Glasgow and Clyde (NHSGGC), Scotland’s largest health board and the one that oversees The New Surgery, to comment.
A spokesperson for NHSGGC said: “NHS Greater Glasgow and Clyde’s cybersecurity team is working with Public Services Delivery Scotland’s Cyber Centre of Excellence to support an independent GP practice after being made aware that a legacy website had been compromised. This affects a legacy website that was independently set up and managed by the GP practice, and there is no evidence the practice’s primary website, or any NHS Scotland systems locally or nationally, were compromised.”
We also contacted NHS National Services Scotland (NSS), which administers the scot.nhs.uk domain.
In a statement, Scott Barnett, Chief Information Security Officer, Public Services Delivery Scotland, said: “Our NHS Scotland Cyber Centre of Excellence (CCoE) was made aware of a security issue affecting a legacy website associated with a local GP practice.
“At this time, we are not aware of personal or sensitive data exposure as a result of this incident. There is also no…
