State employees suspected of stealing from low-income Texans' public assistance accounts

Sign up for The Brief, The Texas Tribune’s daily newsletter that keeps readers up to speed on the most essential Texas news.

---

Seven state employees have been fired for improperly accessing — and in some cases, stealing money from — accounts of thousands of Texans who receive Medicaid, food stamps and other public assistance, The Texas Tribune has confirmed.

Four of those employees were fired in December in what is believed to be the largest data breach in the Texas Health and Human Services Commission’s history after officials say they had accessed the personal account information of 61,104 Texans without a clear business reason.

In separate cases earlier last year, one employee was fired after officials said she illegally possessed information on the public assistance accounts of 3,392 people and another two were fired after $270,000 was stolen from some 500 food stamp accounts, according to the health agency’s watchdog arm, the state’s Health and Human Services Office of Inspector General. The office has referred those three individuals to local district attorney’s offices for prosecution.

The seven firings, from four separate incidents in the past year, are remarkable because Texas’ entire apparatus for investigating fraud in public assistance programs in the gargantuan $93.4 billion Texas Health and Human Services Commission was built to focus on outside actors, such as providers or retailers and clients themselves. These cases, however, show threats from within the agency, impacting the public benefits of several low-income and disabled adults and children who live in Texas.

First reported publicly by the Texas Attorney General’s Office on Jan. 6, the most recent breach impacted 61,104 account holders who had either applied or received assistance between June 2021 and December 2024 from the state’s Medicaid, Children’s Health Insurance Program, the Temporary Assistance for Needy Families or the Supplemental Nutrition Assistance Program, that is commonly referred to as food stamps.

On Friday, the social services agency will begin notifying all 61,104 individuals by first-class mail of the breach and that the state will be offering two years of free credit monitoring to them. Those who believe they were affected by the breach can call 866-362-1773 with questions and use the reference number B138648.

“The Texas Health and Human Services Commission is notifying recipients of agency services that their protected health, personal identifying or sensitive personal information may have been inappropriately accessed, used or disclosed,” according to a draft of the news release the agency plans to publish Friday. “HHSC recommends that affected individuals carefully review their accounts and health care provider, insurance company, and financial institution statements to make sure their account activity is correct.”

So far, officials have not offered a price tag on the cost of this breach.

Because the investigation is ongoing, officials have not released the names of the fired employees and would not confirm on Friday if any personal information of the 61,104 was leaked to the public or if any of their funds were stolen.

Collectively, the cases are the latest reminder of how large of a target to criminals the state’s database of personal data involving its poorest residents is and raises new questions about TIERS, the decades old computer system where employee-accessed information was stored. The system houses applications for Medicaid, food stamps and other public assistance programs.

The agency has asked the Texas Legislature for $300 million to update its eligibility and enrollment processes, including to the TIERS system, which was also at the center of problems during the resumption of Medicaid health insurance enrollment rules after the COVID-19 pandemic had ended. Texas removed, sometimes erroneously, more than 2 million individuals, mostly children, from the program once the emergency was declared over and the federal government resumed requirements that clients renew their Medicaid applications.

How the latest breach was detected

Nearly all — 8,386 — of the 9,500 staffers who work in the agency’s access and eligibility services division have access to personal account information, including dates of birth, home addresses, income and health information of people enrolled in various public assistance programs. But in all four major incidents that resulted in the seven firings, these division employees violated agency rules when they were caught either accessing client information without a legitimate business reason, state officials confirmed.

In the breach affecting the 61,104 Texans, a private contractor alerted agency officials on Nov. 21 of potential suspicious activity. Officials later connected the activity to eligibility division employees.

The case surfaced publicly on Jan. 6 when the agency, by law, notified the Texas attorney general’s office that a data breach had occurred. While the initial report to the attorney general’s office had indicated the private information of at least 250 beneficiaries had occurred, the agency updated that figure on Friday to 61,104.

Going forward, the agency insisted it is “strengthening internal security controls and working to implement additional fraud prevention measures, including enhanced monitoring and alerts to detect suspicious activity,” per its news release.

The agency’s office of inspector general continues to investigate the latest breach.

Created in 2003, the inspector general’s office is designed to concentrate on rooting out nefarious activities from outsiders. While it conducts internal affairs investigations of employees, the office has never been set up to focus primarily on state employees involved in security breaches that could result in fraud, according to the inspector general’s office.

The office also relies mostly on referrals from the public and agencies and while it has methods to investigate data activity, the office does not monitor various state databases on a daily basis to check whether state employees are properly handling data.

Stolen food stamp money

While agency employees have historically been investigated for violation of rules, three incidents last year have now alerted the inspector general’s office to focus more deeply at data-handling that has the potential to turn into public assistance fraud.

On Jan. 31, a member of the public reported that an employee in the eligibility division was changing personal identifying numbers, or PINs, on clients’ cards and selling the cards for half their worth in cash. Investigators found that the employee had changed PINs on 211 food stamp cards, leading to $81,638 stolen. The employee was fired and the case referred to local prosecutors.

Then in March, an internal investigation found that another division employee had emailed to her personal account a spreadsheet of people in the state’s community care program, which pays for attendant care for older and disabled Texans, a violation of the agency’s data-handling rules. She was fired and the case was referred to local prosecutors because the use or possession of such information is illegal in Texas.

Then last summer, the inspector general’s office found another division employee who had changed the PINs on 391 food stamp cards, using the benefits for illegal purchases resulting in a loss of $190,518. The employee was fired and the matter referred to a local district attorney.

With the latest large breach, the agency is warning all public assistance recipients to carefully examine their account activity, especially those with food stamp benefits.

“SNAP recipients, specifically, are being advised to check their Lone Star card transactions for potential fraudulent activity at YourTexasBenefits.com,” the agency release states. “Anyone who suspects they are a victim of fraud should call 2-1-1 and choose option 3 to report the fraud, contact law enforcement and visit a local agency office to have benefits replaced.”

The agency release also hinted that more employee terminations could be coming.

“As the agency’s internal review continues, additional affected individuals identified will be notified,” the release noted. “Employees involved in similar inappropriate and illegal conduct will be terminated and referred to the appropriate authorities.”

How welfare fraud schemes operate and Texas investigates

Texas Health and Human Services Commission accounts for nearly a third of the state’s budget, according to its latest strategic plan. About 91% of the agency’s expenses is for grants and client services.

The commission is one of two agencies under the health services umbrella. The other is the Department of State Health Services. Together the two employ about 50,000 people.

Of all the public assistance programs that the commission manages for Texans, the food stamp program is a frequent criminal target. In the fiscal year ending Aug. 31, the agency distributed more than $7 billion to Texans who qualified for grocery assistance, which can amount to roughly $200 to $1,500 per family depending on family size. In December, 3.6 million Texans received food assistance.

Food stamp assistance is fully funded by the U.S. Department of Agriculture. State dollars are used to pay for half of the state agency’s costs to administer the food stamp program and the other half is paid for by the federal government.

In its latest strategic plan, the agency lists as a goal to reduce waste in the food stamp program by 10% by focusing on employees more diligently evaluating applications. It does not mention employee-generated breaches or fraud, but instead focuses on impropriety among contractors of services.

“The OIG focus on high-risk providers protects against fraud, waste, and abuse of taxpayer funds and ensures that Texans receive the services they need,” the plan’s section on accountability states.

The most common fraud schemes the health agency’s inspector general’s office investigates involves clients selling their food stamp card balances “to a small store or food truck in exchange for cash,” according to the investigative agency’s December report. “A retailer typically gives cash to the (cardholder) at a discounted rate in exchange for their benefits. Then, the retailer uses the full amount of the benefits to buy inventory for their business.”

In the fiscal year ending in August, the inspector general’s office completed 17,075 investigations of retailers and clients, recovering $54.4 million. They referred 100 cases for criminal prosecution.