Marquis Data Breach Exposes Dozens Of U.S. Banks and Credit Unions

A significant data breach at Marquis Software Solutions has exposed sensitive customer information from dozens of U.S. banks and credit unions.

The incident, reported to the Maine Attorney General’s office, affected 42,784 Maine residents alone.

Marquis, a Plano, Texas-based firm at 6509 Windcrest Dr., #170, provides data services to financial institutions as a third-party vendor.

Hackers breached its external systems on August 14, 2025, exposing names combined with other personal information, such as account details.

The breach stemmed from an external hacking attack in which threat actors gained unauthorized access to Marquis’s servers.

Security experts note that this type of intrusion often involves tactics such as phishing, exploiting vulnerabilities in web applications, or targeting weak API endpoints.

Marquis discovered the compromise the same day but delayed notifications until November 26, 2025, via written letters to affected individuals.

The firm acted on behalf of its business customers primarily banks and credit unions who own the compromised data.

Full breach details appear below in a structured summary:

Category	Details
Breach Date/Discovery	August 14, 2025 (both)
Type	External system breach (hacking)
Exposed Data	Names + personal identifiers (e.g., account info)
Maine Residents Affected	42,784
Notification Date	November 26, 2025 (written notices)
Protection Offered	12-24 months via Epiq Privacy Solution 1D: credit monitoring, dark web scans, identity restoration
Submitter	Steven Wernikoff, Partner, Honigman LLP
Notice Link	Maine AG Consumer Notification

Technical Impact and Response Measures

Financial sector experts warn that such vendor breaches amplify risks through supply chain attacks.

Marquis’s role likely involved core banking software, making it a prime target for credential stuffing or ransomware precursors.

Exposed data could fuel identity theft, loan fraud, or account takeovers.

No ransomware deployment was reported, but hackers may have exfiltrated data via command-and-control channels before detection.

Marquis offered robust remediation: Epiq’s service scans credit bureaus, monitors dark web marketplaces for stolen credentials, and provides restoration support.

Banks and credit unions must now audit vendor access, enforce multi-factor authentication (MFA), and patch known flaws, such as those in Log4j or outdated SSL configurations.

CISA urges segmenting third-party networks to limit lateral movement.

This event highlights ongoing threats to fintech vendors. Similar breaches, like the 2024 Change Healthcare hack, cost billions.

Affected institutions should scan for indicators of compromise (IoCs), such as anomalous logins from IP ranges tied to known actors.

Consumers are advised to freeze credit and monitor statements. Marquis has not disclosed total U.S. impacts, but Maine’s figure suggests nationwide exposure across its client base.