The Texas Health and Human Services Commission (HHSC) has dismissed a number of employees after it learned in November that agency employees may have improperly accessed account information and personal identifying information of at least 61,000 individuals.
Following that discovery, HHSC took steps to mitigate the breach by terminating the employees involved and referring the incident to the Texas Health and Human Services Office of Inspector General (OIG) for investigation and coordination with prosecutor offices to pursue criminal charges.
There were no further details provided about the criminal investigation.
HHSC said its investigation is ongoing, and emphasized that any additional employees involved in similar inappropriate and illegal conduct will be terminated and referred to the appropriate authorities. HHSC also said it is strengthening internal security controls and working to implement additional fraud prevention measures, including enhanced monitoring and alerts to detect suspicious activity.
HHSC also is working to notify recipients of agency services and other affected individuals that their protected health, personal identifying information or sensitive personal information may have been inappropriately accessed, used, or disclosed.
In terms of what data was impacted, HHSC said that data that may have been inappropriately accessed, used, or disclosed were not the same for everyone. HHSC has determined full names, home addresses, telephone numbers, dates of birth, email addresses, Social Security numbers, Medicaid and Medicare Identification numbers, financial, employment, banking, benefits, health, insurance, medical, certificate, license and other personal information may have been inappropriately accessed between June 2021 and December 2024.
HHSC recommends that affected individuals carefully review their accounts and health care provider, insurance company, and financial institution statements to make sure their account activity is correct. HHSC also advises Supplemental Nutrition Assistance Program (SNAP) recipients to check their Lone Star Card transactions for potential fraudulent activity. Recipients who believe they may have been a victim of SNAP fraud should report the fraud to the OIG. They should also contact law enforcement to report the fraud and visit a local HHSC benefits office to have their benefits replaced.
