Recently, Gesa reported to the Attorney General of Washington that it had experienced a data breach in which sensitive personal identifiable information in its care may have been compromised. According to the breach notice, on August 14, Marquis Software Solutions (“Marquis”), a third-party vendor for Gesa, detected suspicious activity on its network and determined that it had experienced a ransomware attack.1 As a result, Marquis launched an investigation to determine the nature of the incident.
Through its investigation, Marquis confirmed to Gesa that sensitive personal information in its systems may have been accessed and acquired by an unauthorized third party during the breach. As a result, Marquis began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
Name
Social Security number
Address
Phone number
Taxpayer identification number
Financial account information without security or access codes
Date of birth
As a result of the breach, on behalf of Gesa, Marquis began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Washington residents, Gesa and Marquis are providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the breach
Source: https://straussborrelli.com/2025/12/04/gesa-credit-union-data-breach-investigation/
Gesa Credit Union cybersecurity rating report: https://www.rankiteo.com/company/gesa-credit-union
"id": "GES1764896431",
"linkid": "gesa-credit-union",
"type": "Ransomware",
"date": "12/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': None,
'industry': 'Financial Services',
'location': 'Washington, USA',
'name': 'Gesa',
'size': None,
'type': 'Credit Union'},
{'customers_affected': None,
'industry': 'Software/IT Services',
'location': None,
'name': 'Marquis Software Solutions',
'size': None,
'type': 'Third-party Vendor'}],
'attack_vector': 'Third-party vendor compromise',
'customer_advisories': 'Data breach notification letters with '
'specific types of impacted information',
'data_breach': {'data_encryption': None,
'data_exfiltration': None,
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Name',
'Social Security '
'number',
'Address',
'Phone number',
'Taxpayer '
'identification '
'number',
'Financial account '
'information '
'without security '
'or access codes',
'Date of birth']},
'date_detected': '2023-08-14',
'description': 'Gesa reported a data breach where sensitive '
'personal identifiable information may have been '
'compromised due to a ransomware attack on its '
'third-party vendor, Marquis Software Solutions. '
'The breach involved unauthorized access and '
'acquisition of personal data.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Sensitive personal identifiable '
'information',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': 'Moderate',
'revenue_loss': None,
'systems_affected': 'Marquis Software Solutions '
'network'},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': 'Likely',
'data_exfiltration': 'Possible',
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'recommendations': 'Providing complimentary credit monitoring '
'services to affected individuals',
'references': [{'date_accessed': None,
'source': 'Gesa Breach Notice to Washington '
'Attorney General',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': 'Reported '
'to '
'Attorney '
'General '
'of '
'Washington'},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Data breach notification '
'letters mailed to '
'impacted individuals',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'title': 'Gesa Data Breach via Third-Party Vendor (Marquis '
'Software Solutions)',
'type': 'Data Breach, Ransomware'}}