US Vaccine Site Hacked with AI Spam

Government Health Portal Compromised by AI-Generated Content

A critical U.S. government vaccine information website has been hacked and replaced with AI-generated spam content, according to archived records. The compromised Spanish-language version of vaccines.gov, operated by the Department of Health and Human Services, has been displaying strange content since at least May 12.

Disturbing Pattern of Digital Vandalism

Security researchers discovered the defaced site now hosts what appears to be low-quality AI-created posts, predominantly featuring LGBTQ+-theamed content with no connection to public health information. Archive.org snapshots confirm the page has remained in this compromised state for weeks without being taken down or restored.

Broader Spam Operation Uncovered

Investigative journalists at 404 Media revealed this incident is part of a larger malicious SEO spam campaign targeting high-profile domains. Other affected sites include properties belonging to:

• Stanford University
• NPR
• Nvidia

All compromised sites reportedly redirect to a single AI-generated spam portal hosted on wowlazy.com, described by reporters as “a nonsense SEO spam page” with questionable content.

Government Cybersecurity Under Scrutiny

This breach follows previous incidents where government domains were hijacked to host:

• Scam advertisements
• Illegal hacking services
• Malicious redirects

The HHS has not responded to inquiries about the ongoing cybersecurity incident, raising concerns about response times for critical digital infrastructure compromises. As of publication, the spam content remains accessible on the former vaccine information portal.

Experts warn such attacks demonstrate growing sophistication in AI-powered website defacement, where automated systems can generate and maintain compromised content with minimal human intervention. The motive behind this particular attack remains unclear, though it appears primarily focused on spreading spam rather than stealing data.