Tulane University Medical Group Data Breach Affects 6,530 Individuals

Administrators of the Tulane Educational Fund dba Tulane University Medical Group (TUMG) recently experienced a data breach involving the unauthorized access and potential exfiltration of sensitive data. The breach has affected 6,530 individuals in the United States.

The CL0P Ransomware group actor posted on the Tor network on Nov. 18, 2025, claiming responsibility for the attack. The group targeted TUMG’s systems, which use eClinicalWorks EHR for managing clinical and financial data, as well as patient engagement and analytics.

The exposed types of information have not been disclosed but may include personally identifiable information (PII) and protected health information (PHI) such as names, addresses, dates of birth, Social Security numbers, medical record numbers, treatment information, and possibly financial data related to patient billing.

The breach was officially disclosed to the U.S. Department of Health and Human Services on Jan. 15, 2026.

Tulane University Medical Group's response

In response to the ransomware attack, TUMG initiated an investigation and took steps to secure its network and prevent further unauthorized access. The organization is working with cybersecurity experts to assess the scope of the incident and determine exactly what information was compromised.

Given the nature of the breach, affected individuals should remain vigilant for signs of identity theft or fraud. Recommended steps include:

• Monitoring credit reports and bank statements for unusual activity
• Placing a fraud alert or security freeze on credit files
• Being cautious of phishing emails or phone calls that reference the breach or request additional personal information

Individuals are encouraged to review any official notifications sent by TUMG for specific instructions and support resources.