Tulane University Data Breach: 80,867 Individuals Impacted

Tulane University, a private research university in New Orleans, disclosed a data breach that affected approximately 80,867 individuals in the United States, including 2,992 Texas residents, 1,294 Massachusetts residents, 273 Indiana residents, 127 Maine residents and 69 Vermont residents.

On Aug. 10, 2025, a zero-day vulnerability in Oracle's E-Business Suite application allowed unauthorized parties to access and acquire files stored in the application. The breach went undetected for approximately seven months.

A subsequent review of the compromised files revealed that they contained personal information belonging to current and former Tulane employees, as well as their dependents and beneficiaries. The university continued reviewing the affected files in the weeks that followed.

The types of personal information exposed included names, Social Security numbers and direct deposit banking information.

The breach was further reported to attorneys general in California, New Hampshire and Oregon. Tulane began notifying affected individuals by U.S. mail on April 2, 2026.

Tulane University's response to the breach

Tulane worked closely with Oracle and third-party cybersecurity vendors to ensure the vulnerability was eliminated and to help prevent a similar incident in the future.

The university offered affected individuals complimentary credit monitoring and identity protection services through Experian's IdentityWorks program. Affected individuals can enroll online at the Experian IdentityWorks website using the activation code included in their notification letter.

Individuals with questions about the incident can call 844-425-3618, Monday through Friday, between 8 a.m. and 8 p.m. Central Time. For questions about the Experian product or for immediate identity restoration assistance, individuals can call Experian's customer care team at 833-918-1121.