Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Gesa Credit Union data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About Gesa Credit Union
Gesa Credit Union is a not-for-profit financial cooperative that began in 1953 in Richland, Washington. Originally serving administrative employees at the Hanford site, Gesa has grown into one of the largest credit unions in Washington state, now serving more than 260,000 members.
The credit union expanded rapidly after 1996 when it became a community-chartered institution, opening membership to anyone in Washington. Today, Gesa operates dozens of branches across Washington, Oregon and Idaho, with a focus on community engagement and financial education.
Gesa is known for its commitment to giving back, including millions in community contributions and scholarship programs. Despite its growth, Gesa continues to emphasize its cooperative roots and focus on member benefits.
What Happened?
In August 2025, Gesa Credit Union learned of a data security incident involving Marquis Software Solutions, a former marketing and communications vendor. Marquis detected suspicious activity on its network on Aug. 14, 2025, and determined that an unauthorized third party had accessed and acquired certain files from its systems.
Marquis’ investigation r
Source: https://www.claimdepot.com/investigations/gesa-credit-union-data-breach-2025
Gesa Credit Union cybersecurity rating report: https://www.rankiteo.com/company/gesa-credit-union
"id": "GES1764878550",
"linkid": "gesa-credit-union",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Financial Services',
'location': 'Washington, Oregon, Idaho, '
'USA',
'name': 'Gesa Credit Union',
'size': 'Large (260,000+ members)',
'type': 'Financial Cooperative'},
{'customers_affected': None,
'industry': 'Software/Technology',
'location': None,
'name': 'Marquis Software Solutions',
'size': None,
'type': 'Vendor (Marketing and '
'Communications)'}],
'attack_vector': 'Third-party vendor compromise',
'customer_advisories': 'Affected individuals may be eligible for '
'compensation',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Yes',
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personally '
'identifiable '
'information'},
'date_detected': '2025-08-14',
'description': 'Gesa Credit Union learned of a data security '
'incident involving Marquis Software Solutions, a '
'former marketing and communications vendor. '
'Marquis detected suspicious activity on its '
'network on August 14, 2025, and determined that '
'an unauthorized third party had accessed and '
'acquired certain files from its systems.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Sensitive personally '
'identifiable information',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'Shamis & Gentile P.A.',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': None,
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'title': 'Gesa Credit Union Data Breach via Marquis Software '
'Solutions',
'type': 'Data Breach'}