Marquis Software breach exposed SSNs and hit Community 1st Credit Union
Community 1st Credit Union disclosed a data breach tied to Marquis Software Solutions, a marketing and customer-engagement vendor that reportedly serves more than 700 banks and credit unions. Reporting indicates the vendor intrusion exposed sensitive customer data held on behalf of financial institutions, with Community 1st identifying affected individuals whose information was compromised through the third-party incident rather than a direct breach of the credit union's own network.
Separate breach reporting says the Marquis incident affected more than 1.3 million people and exposed highly sensitive personal information, including Social Security numbers. The disclosures highlight the scale of third-party concentration risk in the financial sector, where a compromise at a single software provider can cascade across multiple banks and credit unions and trigger customer notifications, breach filings, and potential fraud and identity-theft concerns.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Marquis breach reported as impacting more than 1.3 million people
Public reporting stated that the Marquis Software Solutions breach affected over 1.3 million individuals and exposed highly sensitive information, including Social Security numbers. This marked a broader understanding of the scale and severity of the vendor-related incident.
Community 1st Credit Union discloses breach tied to Marquis vendor incident
Community 1st Credit Union publicly disclosed that a data breach affecting its customers was linked to Marquis Software Solutions. The disclosure identified the vendor compromise as the source of exposed member information.
Marquis Software Solutions suffers data breach affecting client institutions
A data breach at Marquis Software Solutions, a software vendor serving more than 700 banks and credit unions, exposed sensitive data handled on behalf of financial institution clients. The incident later became the basis for breach notifications and public reporting by affected credit unions.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Software vendor serving 700+ banks hacked, credit union says - Comparitech
comparitech.com
Open sourceMarquis Software Solutions Data Breach Impacts Over 1.3M Exposing Social Security Numbers
claimdepot.com
Open sourceCommunity 1st Data Breach: Sensitive Information Exposed
claimdepot.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Ransomware Breach at Marquis Software Solutions Exposes Bank Customer Data
Marquis Software Solutions, a provider of marketing and compliance software to over 700 banks and credit unions, experienced a significant data breach after ransomware attackers exploited a vulnerability in its SonicWall firewall. The breach, detected on August 14, allowed attackers to access files containing sensitive information stored by Marquis on behalf of its financial institution clients, potentially exposing the personal data of at least 250,000 individuals. The compromised data may include names, addresses, phone numbers, dates of birth, Social Security numbers, tax identification numbers, and financial account information. Marquis Software stated that the incident was limited to its own environment, but the breach has affected multiple financial institutions whose customer data was managed by the vendor. The company is working with digital forensic investigators to assess the full scope of the breach and has notified affected parties accordingly.
Mar 21, 2026
Marquis Discloses Ransomware Breach Affecting 672,000 Banking Customers
**Marquis**, a Texas-based fintech and services provider to hundreds of U.S. banks, disclosed that an **August 2025 ransomware attack** exposed the personal and financial data of **672,075 individuals**. Stolen information included names, dates of birth, addresses, phone numbers, Social Security numbers, Taxpayer Identification Numbers, and bank, debit, and credit card details. The company said the intrusion disrupted operations at **74 banks**, while maintaining that the incident was limited to Marquis systems and did not directly impact customer bank environments. Reporting indicates the attackers gained access after compromising a **SonicWall firewall**, and Marquis has alleged in litigation that weaknesses tied to SonicWall allowed threat actors to obtain firewall configuration backup files and use them to breach its network, steal data, and deploy ransomware. The newly filed breach notices provide the clearest accounting so far of the scale of the incident, with a large share of affected individuals located in Texas, and connect the attack to broader concerns around credential and token exposure following SonicWall's earlier security disclosure.
Mar 20, 2026
Community Bank Exposed Customer Data Through Unauthorized AI App Use
Community Bank disclosed a security incident after customer information was exposed through use of an unauthorized AI-based software application, according to a filing with the U.S. Securities and Exchange Commission. The bank said the compromised non-public data included customer names, dates of birth, and Social Security numbers, and that it reported the matter because of the volume and sensitivity of the information involved. Reporting indicates the lapse may have occurred when customer data was uploaded to an online AI chatbot or similar service, though the bank has not identified the application or explained the exact mechanism. The bank said the incident did not disrupt operations or prevent customers from accessing accounts or payment services, but it is still assessing the scope of affected data and notifying impacted individuals as required by law. Community Bank is also communicating with banking and financial regulators and pursuing remediation to prevent a recurrence. The number of affected customers remains undisclosed.
May 13, 2026