HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Redington-Fairview General Hospital Targeted with New Telephone Phishing Scam

Patients who have previously received medical services at Redington-Fairview General Hospital in Skowhegan, Maine have been targeted with a new telephone phishing scam.

The criminals behind the phishing scam are attempting to get patients to reveal sensitive financial information and credit card numbers over the telephone by impersonating the hospital.

Two patients have complained to hospital officials about receiving automated calls offering help paying their hospital bills. To date, no one is believed to have fallen for the scam although it is possible that other patients could similarly be targeted.

The calls appear to be coming from a local telephone number owned by the hospital, although that number is not an active extension. A statement from the hospital confirmed that the number has not been configured on the hospital’s communication system. The number appears to have been spoofed.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

It is unclear how the scammers obtained patients’ telephone numbers and spoofed a hospital telephone number, although the hospital does not believe this is an inside job. The hospital has confirmed there has not been a security breach and that its telephone system has not been compromised. Calls to the number – 07-858-2308 – are directed to the hospitals answering service.

The criminals behind the scam are believed to have spoofed the number to make it appear that the calls are coming from the hospital. The hospital does not believe the scammers have access to any personal information of patients and that the aim of the calls is solely to gain access to credit card numbers and/or other financial data.

The matter has been reported to the Skowhegan Police Department and an investigation into the incident has been launched. Patients have been advised that the hospital does not use automated calls and if any calls are received from that number they should hang up and not disclose any information.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.