Cassidy Targets Walz Administration Following Health Data Exposure

Senator Bill Cassidy has initiated a formal investigation targeting the administration of Governor Tim Walz concerning a significant health data breach within Minnesota.

This inquiry follows a similar probe Senator Cassidy recently conducted regarding a separate health data breach that occurred in Illinois. The senator is seeking comprehensive records from the Minnesota Department of Human Services (DHS).

Details of the Minnesota Data Incident

The breach involved an unauthorized employee of a healthcare provider accessing data stored within the MnCHOICES state system. This system is utilized by a substantial population of low-income individuals across the state.

A letter sent by Cassidy on Monday to the Walz administration detailed the sensitive nature of the exposed information. This data included detailed demographic profiles, the final four digits of Social Security numbers, Medicaid identification numbers, and other private financial and medical records.

Congressional Scrutiny and Commissioner Response

This congressional scrutiny marks the latest in a series of investigations launched or expanded by Senator Cassidy in recent weeks. Cassidy is currently engaged in a reelection contest.

In his correspondence to DHS Commissioner Shireen Gandhi, Cassidy noted that the breach raises serious concerns about Minnesota’s commitment to data security. He specifically mentioned that the state is already under scrutiny for widespread fraud within its government social service programs.

Cassidy asserted that the failure of Minnesota DHS to fully identify the scope of the incident and provide basic remedial support is unacceptable, given the department's role in assisting vulnerable communities.

Timeline and Remedial Actions

The Minnesota DHS reported that there was no evidence the accessed information had been misused within the system. The notification to affected parties occurred approximately four months after the breach took place between August 2025 and September 2025.

The department only became aware of the security incident on November 19, 2025, one month after the access window closed. Remedial recommendations included advising individuals to check for fraudulent health insurance claims and obtain free credit reports.

Senator Demands Answers on Security Protocols

Senator Cassidy has requested a formal response by April 14 regarding several critical points. These include the precise methods and timing of the breach discovery and the preventative steps implemented since the incident.

Furthermore, Cassidy questioned why the department is not offering complimentary credit monitoring services to those affected. He emphasized that as hostile actors employ increasingly sophisticated methods to acquire health information, government custodians of protected health data must implement robust deterrence measures.