A vaccine information website managed by the U.S. Department of Health and Human Services (HHS) has been compromised and defaced with what appears to be AI-generated spam content. This unauthorized alteration, which has reportedly persisted since at least May 12, replaced legitimate vaccine-related information with unrelated material predominantly featuring LGBTQ+ themes.
The exact origin of the intrusion and the motivation behind this defacement remain unclear. However, the incident appears to be part of a larger, coordinated spam operation. Recent investigations have identified similar attacks targeting other prominent websites belonging to institutions like Stanford University, NPR, and technology giant Nvidia. These sites were reported to redirect users to SEO-driven pages filled with nonsensical, machine-generated content hosted at the domain wowlazy.com.
Cybersecurity analysts note that U.S. government-hosted websites have occasionally faced past breaches, being leveraged by attackers to disseminate fraudulent advertisements and malicious hacking services. As of now, the Department of Health and Human Services has not publicly commented or provided additional information regarding the security compromise.
