Health system alerts some customers to data breach

ASHEVILLE, N.C. (AP) — A health system that serves western North Carolina has contacted an undisclosed number of people about a data breach involving its e-commerce website.

The Citizen-Times reports Mission Health said it recently “identified and addressed” a security incident involving information consumers provided when making purchases through its online store.

Mission said in a letter obtained by the newspaper that it determined malicious code was inserted into the website’s legitimate code and was sending payment information to “an unauthorized person.” The letter says the malicious code was present for over three years, ending this June.

The health system says names, addresses, and payment card information may have been compromised but no medical records were involved.

A Mission spokeswoman said affected consumers were notified and offered a free year of credit monitoring. It is rebuilding the online store.

___

Information from: The Asheville Citizen-Times, http://www.citizen-times.com