Michael Gove spoof article on hacked DfE website

It might seem an unlikely policy direction for the education secretary, but until Monday this article was being hosted on the Department for Education’s website.

The headline declaring that “Michael Gove decides to teach all children himself” came complete with a picture of a smiling Mr Gove himself.

The piece appeared on the site after it was apparently hacked, but despite the DfE being alerted to the problem, it took a month for the article to be taken down and the problem fixed.

The breach was highlighted by tech expert and blogger Terence Eden, who has been writing a series of blog posts about the lack of security in government websites.

Mr Eden said the hacking of the DfE website should be a major concern for the Whitehall department and added that the content displayed could have been a lot more serious.

“It means the website could have been used to host spam or redirect people to viruses,” he said. “People could have displayed a lot worse.”

According to Mr Eden, the situation highlighted the problem with outsourcing control over areas such as web security to external companies.

The problem was reported to the external firm, Texuna, on 5 February but the bug was not fixed until 3 March.

The article claimed that the Conservative politician had “unveiled plans to single-handedly teach every child in the UK” in a single “cavernous classroom” filled with 14 million school children.

A DfE spokesperson said that officials had taken action to investigate this matter, adding that it was now resolved.

"There is no evidence that EduBase has been tampered with," the spokesperson said. "No personal data has been put at risk. EduBase does not hold sensitive information like individual pupils’ exam results or their addresses.

“We already have extra safeguards in place for systems holding sensitive data. These have not been affected by this matter, and we routinely inspect and test them to ensure they are safe from attack.”