Yes — the University of Dallas (Irving) disclosed unauthorized system access and appears on the Texas OAG list published May 29, 2026, affecting 7,313 Texans.
State AG filings and consumer summaries place unauthorized access between August 11 and August 20, 2025. Written notifications began May 29, 2026, with 12 months of Experian IdentityWorks offered. Exposed data categories include SSNs, driver’s licenses / government IDs, financial account data, medical information, and health insurance details.
We audited udallas.edu on July 13, 2026 against the 100% ideal.
Breach Impact
| Field | Detail |
|---|---|
| Entity | University of Dallas |
| Sector | Private Catholic university (Irving, TX) |
| Intrusion window | Aug 11 – Aug 20, 2025 |
| Texans (OAG) | 7,313 (~10,975 nationwide in multi-state tallies) |
| Data types | Names; SSN; DL/gov ID; financial; medical; health insurance |
| Notice | Print media; website; U.S. Mail |
| Monitoring | Experian IdentityWorks (12 months) |

Independent Cybersecurity Audit
| Domain | Overall | Identity | Transport | Website | vs 100% ideal |
|---|---|---|---|---|---|
| udallas.edu | 56% | 20% | 15% | 92% | Average — short of ideal |
Key findings: Website headers look strong (92%), but 20% identity is among the weakest Texas privates we measured — spoofed @udallas.edu Experian and registrar phishing remains easy. Transport 15% matches the common campus floor. Overall 56% is nowhere near 100%.

Audit: udallas.edu
Priority Actions
Affected community: Enroll via letter instructions only; watch tax and medical identity theft indicators.
Campus IT: Identity must move from 20% → DMARC reject before the next admissions/advancement wave; enable MTA-STS enforce.
Related Trackers
- St. Thomas Houston breach (similar May 2026 OAG wave)
- Public vs private universities
- Texas OAG YTD
audit.emailmenow.com · Contact
Sources: Texas OAG · Maine AG — University of Dallas · EmailMeNow audit