I got a voicemail from the Kroger pharmacist who told me to call her back. It was definitely the Kroger pharmacy number because I’ve had to call it before, so that was not part of the scam.

However, some scammer who knew who my health insurance company was (I get it through my wife, which ads to the creepiness here) tried to get my personal health data from the Kroger pharmacy. They asked for personal info and the pharmacist said she wouldn’t give it to them but would have me call them back.

She told me all of this when I called her to find out what was up. She gave me the number and the first thing I did was look it up to see if it was legitimate because that just sounded off to me.

Sure enough, the first link that came up was a Facebook post (Why Facebook as the first link in the search? No idea.) warning about that number specifically scamming people by pretending to be my insurance company, followed by other links on other websites talking about it being a scammer source, and not just just for health insurance scamming.

They’ve also somehow fucked with the SEO because in between those were legitimate links to my health insurance company, but that phone number is not on the pages.

I feel really bad for anyone who falls for this, because it was clearly just legitimate enough for the pharmacist to not suggest to me that I should be careful about being scammed. I know exactly who I talked to and she’s a cool lady, so I’m pretty sure she would have if she was sure enough.

Update if anyone is still around: Contacted the state pharmacy board and also went to the local pharmacy and told them about it. I couldn’t figure out the right people to get in touch with at the FBI, but I have a feeling I’m going to have to contact the state attorney general next and ick.

    • w3dd1e@lemm.ee
      link
      fedilink
      English
      arrow-up
      24
      ·
      edit-2
      2 months ago

      UnitedHealth had a massive ransomware attack in Feb and millions of people got their data leaked.

      • LordCrom@lemmy.world
        link
        fedilink
        English
        arrow-up
        13
        ·
        2 months ago

        Not just them. I’ve gotten 3 letters from providers saying data was stolen and 1 from my ins company saying the same.

        It’s a wonder we even try to keep this shit safe anymore where every company with underpaid or incompetent IT/security hold our data.

        • Infynis@midwest.social
          link
          fedilink
          English
          arrow-up
          6
          ·
          2 months ago

          I was recently in college for IT, and my professors said a couple of times that it’s best practice just to assume that all of your info has already been stolen

          • seang96@spgrn.com
            link
            fedilink
            English
            arrow-up
            4
            ·
            2 months ago

            I try to protect it but apparently I got a report that my social got stolen recently. Health insurance sucks, we keep getting massive increase in costs, then swap providers, then my data is stored in more and more systems waiting to be breached.

            • LordCrom@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              2 months ago

              Hell, my company switches 401k providers every year, another company now gets all my info or I lose my 401k and I have no choice

      • Possibly linux
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        1
        ·
        2 months ago

        They are required to meet HIPAA. If they aren’t make a storm of it and report them.

    • Fermion@feddit.nl
      link
      fedilink
      English
      arrow-up
      7
      ·
      2 months ago

      I’ve received more healthcare provider PII leak letters in the last couple years than the number of appointments I’ve had. Everyone is so eager to come up with some shiny new software to sell in the healthcare goldrush, but so many of them are absolutely terrible at security.