Sign up for The Brief, The Texas Tribune’s daily newsletter that keeps readers up to speed on the most essential Texas news.

Texas Health and Human Services Commission late Wednesday began notifying another 33,529 recipients of state benefits that their private information had been improperly accessed.

The latest announcement comes as the state agency continues to investigate a series of breaches by its own employees of its database for Medicaid, food stamp and other assistance programs.

Three months ago, the state notified 61,104 Texans that their personal information may have been improperly accessed by state employees. At that time, seven state employees tied to the breach had been fired including two who stole from recipients food stamp cards.

In February, the agency notified lawmakers that another two state employees had been fired, bringing to a total of nine state employees who had accessed individuals’ accounts without a stated business reason.

HHSC officials said Wednesday that these fired employees are now responsible for breaching the personal information of another 33,529 account holders who had either applied or received assistance between June 2021 and January 2025. It is not known how many of those account holders had their benefits compromised.

The state agency recommends that affected individuals carefully review their accounts and health care provider, insurance company and financial institution statements to make sure their account activity is correct. Any questionable charges should be reported promptly to the provider or company and contact law enforcement.

HHSC advises Supplemental Nutrition Assistance Program (SNAP) recipients to check their Lone Star Card transactions for potential fraudulent activity at YourTexasBenefits.com or through the Your Texas Benefits mobile app. Recipients who believe they may have been a victim of SNAP fraud should call 2-1-1, select a language, and choose option 3 to report the fraud to the Texas Health and Human Services Office of the Inspector General. They should also contact law enforcement to report the fraud and visit a local HHSC benefits office to have their benefits replaced.

HHSC has determined full names, home addresses, telephone numbers, dates of birth, email addresses, Social Security numbers, Medicaid and Medicare identification numbers, financial, employment, banking, benefits, health, insurance, medical, certificate, license and other personal information may have been inappropriately accessed. Recipients who want to know more can go to this link on the agency’s website.

The state agency is offering two years of free credit monitoring and identity theft protection services to those affected by the breach. They can also call 866-362-1773, toll-free and use the engagement number B139792

In addition, HHSC has notified one of its contractors, Maximus, that one of the company’s employees was suspected of improperly using personal information from HHSC’s computer systems. Maximus has since terminated that employee for improperly accessing protected health information of Texans enrolled in state benefits between May 8, 2023 and Feb. 28, 2025.

The health agency’s office of inspector general is investigating the data breaches.

Tickets are on sale now for the 15th annual Texas Tribune Festival, Texas’ breakout ideas and politics event happening Nov. 13–15 in downtown Austin. Get tickets before May 1 and save big! TribFest 2025 is presented by JPMorganChase.

This article originally appeared in The Texas Tribune at https://www.texastribune.org/2025/04/30/texas-hhsc-data-breach-snap-medicaid/.

The Texas Tribune is a member-supported, nonpartisan newsroom informing and engaging Texans on state politics and policy. Learn more at texastribune.org.