A North Carolina-based healthcare organization has reportedly discovered that malicious code had been contained on its e-commerce site for three years. Mission Health, based in Asheville, N.C., says payment card information was compromised. A recent study by IBM found that, on average, companies take about 206 days to identify a breach and 73 days to contain it. An important lesson to be learned from the Mission Health incident is that any organization that handles personally identifiable information should perform technical security assessments to ensure that it has effective information security practices.”]
Source: https://www.cuinfosecurity.com/healthcare-e-commerce-site-breach-undetected-for-years-a-13273