KFN Original Reporting · Public Campaign · Won
Twilio Cut the Phones — and Low-Income Dental Patients Are Left in Pain
Published July 1, 2026 · Updated with resolution
A small dental practice serving low-income patients on California's Denti-Cal program has been without working phone lines for more than a week. Twilio suspended the account after fraudulent API charges — then refused to restore service, release the clinic's phone numbers, or waive a $4,403 balance the owners say they did not incur. The people paying the price aren't Twilio executives. They are patients with toothaches, infections, and dental emergencies — and no other way to reach their dentist.
The patients left in pain
This is not an abstract telecom dispute. It is a care crisis for a community that has nowhere else to go.
Denti-Cal is California's Medicaid dental program — the safety net for low-income families, seniors on fixed incomes, people with disabilities, and working parents who cannot afford private dental care. For most of these patients, the phone is the only way to reach the clinic. There is no patient portal. No app. No email alternative. When the line goes dead, care stops — but the pain doesn't.
- Toothaches go untreated. Patients calling to report throbbing pain, swelling, or broken teeth reach silence — not a nurse, not a scheduler, not an emergency line.
- Infections worsen. Dental abscesses can spread and become life-threatening. Without a working phone, patients cannot get antibiotics prescribed, follow-up appointments scheduled, or post-surgical complications addressed.
- Emergencies go unanswered. Bleeding gums after extraction, severe pain after a procedure, a child's knocked-out tooth — these calls are not going through.
- The most vulnerable are hit hardest. Many Denti-Cal patients are elderly, do not use smartphones for online booking, and rely entirely on a phone call to access the only dental provider they can afford.
The clinic says its business has been effectively closed for more than a week. Twilio's support team has marked ticket #27684593 "solved" — while patients keep dialing numbers that no longer connect.
"We are dental clinic catering to low income population (denti-cal). We don't have this amount of money to pay… These expenses are way more than the charges Twilio is claiming us to pay."
— Reena Gupta, clinic owner, in correspondence with Twilio Consumer Trust Support
What happened
In mid-June 2026, Twilio suspended the telecommunications account used by a dental clinic — including its Sterling Periodontics subaccount — after flagging unauthorized API activity originating from IP address 83.244.36.155 in the Palestinian Territory. Twilio's Consumer Trust Support team told the clinic the fraudulent traffic generated call and messaging charges totaling $4,403.81.
The clinic, which serves patients on Denti-Cal — California's Medicaid dental program for low-income residents — had used the Twilio account without incident for many years. The owners say they are not technically sophisticated and had no ability to detect or stop the unauthorized API usage before Twilio intervened.
The hostage situation
Twilio's response has left the clinic in an impossible position:
- Phone lines are dead. Patients with tooth pain, infections, and dental emergencies cannot call to schedule appointments, ask about prescriptions, or reach the office. The clinic says its business has been effectively closed for more than a week — while suffering continues on the other end of a disconnected line.
- Numbers cannot be ported. While the account is suspended, the clinic cannot transfer its phone numbers to another carrier — locking them inside a Twilio account they cannot use.
- Payment is demanded before any relief. Twilio's support team — including representatives Miguel P., John T., and Daniel — repeatedly told the clinic it must pay the full $4,403.81 balance before the account can be reactivated.
- A partial refund is offered only after payment. Twilio said it would explore a "one-time courtesy partial refund" for the fraudulent charges — but only after the balance is cleared, security steps are completed, and the account is reactivated.
- Subaccount management is blocked. When the clinic tried to close the Sterling Periodontics subaccount, Twilio's console would not allow it — because the main account was already suspended. Twilio eventually closed the subaccount on the clinic's behalf but still refused to restore service.
What Twilio says
In a series of emails reviewed by KFN (support ticket #27684593), Twilio's position has been consistent: the fraudulent activity occurred through API traffic, which falls under the customer's security responsibility per Twilio's Terms of Service. Twilio maintains there is no evidence of a platform-wide breach on its end.
When clinic owner Reena Gupta asked whether Twilio had evidence the compromise was the clinic's fault, support representative John T. pointed to common causes of credential exposure — compromised passwords, exposed API keys on GitHub, malware — but did not provide proof the clinic was responsible for this specific incident.
When Gupta noted that Twilio stopped the fraudulent charges by suspending the account — proving Twilio had the ability to halt the abuse — support reiterated that payment must come first. Multiple tickets were marked "solved" while the clinic's phones remained offline.
What the clinic says
Gupta told Twilio support: "We are a simple doctor office. The unauthorized activity happened because of Twilio, we had been using this account peacefully for last many years."
She emphasized the human cost: "We are dental clinic catering to low income population (denti-cal). We don't have this amount of money to pay… These expenses are way more than the charges Twilio is claiming us to pay."
The clinic estimates daily revenue losses exceeding $4,000 — far more than the disputed Twilio balance — and says it is prepared to pursue legal action and press coverage if the situation is not resolved.
Why this matters
Twilio is one of the largest cloud communications platforms in the world, powering phone and messaging for startups, enterprises, and small businesses alike. When a platform provider suspends service and simultaneously blocks number portability, a small medical practice serving vulnerable patients has no practical alternative — and the patients have no backup plan.
For Denti-Cal patients, losing access to their dental provider is not a billing dispute. It is untreated pain. It is a child missing school because of a toothache no one will see. It is an elderly patient unable to call about bleeding after an extraction. It is a working parent who cannot afford any other dentist — and now cannot reach the one they have.
The case raises broader questions about how cloud telecom providers handle account compromises at small businesses that lack dedicated IT staff, and whether holding phone numbers hostage behind a paywall for charges the customer disputes is an acceptable practice — especially when the collateral damage is a community of low-income patients left in pain.
Timeline (June 2026)
- Jun 24 — Twilio suspends account; notifies clinic of $4,403.81 balance from fraudulent API activity.
- Jun 24 — Clinic requests charge removal and account reactivation. Twilio declines, citing Terms of Service.
- Jun 24 — Clinic requests escalation. Twilio: "Our position is final."
- Jun 24 — Clinic notes it cannot port numbers while suspended. Twilio repeats payment requirement.
- Jun 25 — Twilio offers partial refund exploration — only after balance paid and account reactivated.
- Jun 25 — Clinic completes security sanitization steps; Twilio adds new requirements (subaccount token rotation).
- Jun 25 — Clinic cannot close subaccount due to suspension. Twilio offers to close it on their behalf.
- Jun 26–27 — Clinic pleads for phone restoration. Twilio: "We cannot proceed with unsuspending your account until the outstanding balance is addressed."
- Jul 1 — KFN publishes this report and launches a public campaign.
- Jul 2026 — Following KFN's reporting and public pressure, Twilio reactivates the clinic's phone service and waives the disputed charges. Patients can reach the clinic again.
Join the campaign
KFN is calling on Twilio to:
- Immediately restore the clinic's phone service so patients can reach their dentist.
- Waive fraudulent charges from the unauthorized API activity (IP 83.244.36.155).
- Release phone numbers for porting if the clinic chooses to leave Twilio.
- Escalate to executive leadership — frontline support has marked ticket #27684593 "solved" repeatedly while the clinic remains offline.
How you can help
- Share this story — post on social media, send to journalists, tag @twilio.
- Contact Twilio — call their Trust Center line at +1 (855) 488-1172 (Mon–Fri) and reference ticket #27684593.
- Email Twilio support at consumertrustsupport@twilio.zendesk.com demanding immediate resolution.
- Press tip? Contact KFN at contact@kfn.one or use our contact form.
Editor's note
This is original reporting by Key Future Network based on email correspondence between the clinic and Twilio Consumer Trust Support, provided to KFN by the affected party. Twilio was contacted for comment through its public support channels. KFN will update this story as developments occur.
