Bellwether Community Credit Union, a New Hampshire-based not-for-profit financial institution, is notifying members of a data breach that exposed sensitive personal information. The incident was not a direct attack on Bellwether’s own systems but occurred through a third-party vendor, Marquis Software Solutions Inc.
On Aug. 14, 2025, Marquis detected suspicious activity within its network and determined it was the victim of a ransomware attack. The unauthorized party gained access through Marquis’ SonicWall firewall, potentially acquiring files containing customer data. Marquis promptly launched an investigation, engaged cybersecurity experts, and notified federal law enforcement.
A forensic review revealed that the compromised files contained personal information received from business clients, including Bellwether Community Credit Union.
The information exposed in the Marquis data breach includes names, addresses, phone numbers, Social Security numbers, Taxpayer Identification Numbers, financial account information, and dates of birth. This constitutes a significant exposure of personally identifiable information (PII), which put individuals at risk of identity theft and financial fraud.
According to the Maine Attorney General’s office, 864 Maine residents associated with Bellwether were affected. The Washington Attorney General’s office lists 41 affected individuals, and the Iowa Attorney General’s office reports seven. Notifications to affected individuals began Nov.
Source: https://www.claimdepot.com/data-breach/bellwether-community-credit-union-2025
Bellwether Community Credit Union cybersecurity rating report: https://www.rankiteo.com/company/bellwether-community-credit-union
"id": "BEL1764898419",
"linkid": "bellwether-community-credit-union",
"type": "Ransomware",
"date": "8/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '912+ (864 Maine '
'residents, 41 '
'Washington '
'residents, 7 Iowa '
'residents)',
'industry': 'Credit Union',
'location': 'New Hampshire, USA',
'name': 'Bellwether Community Credit '
'Union',
'size': None,
'type': 'Financial Institution'}],
'attack_vector': 'Third-Party Vendor Compromise',
'customer_advisories': 'Member notifications sent in November '
'2025',
'data_breach': {'data_encryption': None,
'data_exfiltration': None,
'file_types_exposed': None,
'number_of_records_exposed': '912+',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (PII and financial '
'data)',
'type_of_data_compromised': ['Names',
'Addresses',
'Phone Numbers',
'Social Security '
'Numbers',
'Taxpayer '
'Identification '
'Numbers',
'Financial Account '
'Information',
'Dates of Birth']},
'date_detected': '2025-08-14',
'date_publicly_disclosed': '2025-11-01',
'description': 'Bellwether Community Credit Union notified '
'members of a data breach exposing sensitive '
'personal information due to a ransomware attack '
'on its third-party vendor, Marquis Software '
'Solutions Inc. The unauthorized party gained '
'access through Marquis’ SonicWall firewall, '
'potentially acquiring files containing customer '
'data from Bellwether and other business clients.',
'impact': {'brand_reputation_impact': 'Likely significant',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Personally Identifiable '
'Information (PII), Financial '
'Account Information',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential regulatory fines and '
'legal actions',
'operational_impact': None,
'payment_information_risk': 'High',
'revenue_loss': None,
'systems_affected': 'Third-party vendor systems '
'(Marquis Software Solutions '
'Inc.)'},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': 'SonicWall firewall',
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain (Ransomware)',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': 'Third-party vendor '
'vulnerability '
'(SonicWall firewall)'},
'ransomware': {'data_encryption': 'Potential (implied by '
'ransomware attack)',
'data_exfiltration': 'Potential',
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'Maine Attorney General’s office',
'url': None},
{'date_accessed': None,
'source': 'Washington Attorney General’s office',
'url': None},
{'date_accessed': None,
'source': 'Iowa Attorney General’s office',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': ['State Data '
'Breach '
'Notification '
'Laws'],
'regulatory_notifications': ['Maine '
'Attorney '
'General’s '
'office',
'Washington '
'Attorney '
'General’s '
'office',
'Iowa '
'Attorney '
'General’s '
'office']},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Member notifications, '
'regulatory disclosures',
'containment_measures': 'Investigation launched, '
'forensic review conducted',
'enhanced_monitoring': None,
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Federal law '
'enforcement',
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': 'Cybersecurity experts'},
'title': 'Bellwether Community Credit Union Data Breach via '
'Third-Party Vendor',
'type': 'Data Breach',
'vulnerability_exploited': 'SonicWall firewall vulnerability'}