Bellwether Community Credit Union Data Breach Exposes SSNs & More

Published

December 4, 2025

Updated

December 4, 2025

Bellwether Community Credit Union

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

Bellwether Community Credit Union, a New Hampshire-based not-for-profit financial institution, is notifying members of a data breach that exposed sensitive personal information. The incident was not a direct attack on Bellwether’s own systems but occurred through a third-party vendor, Marquis Software Solutions Inc.

On Aug. 14, 2025, Marquis detected suspicious activity within its network and determined it was the victim of a ransomware attack. The unauthorized party gained access through Marquis’ SonicWall firewall, potentially acquiring files containing customer data. Marquis promptly launched an investigation, engaged cybersecurity experts, and notified federal law enforcement.

A forensic review revealed that the compromised files contained personal information received from business clients, including Bellwether Community Credit Union.

The information exposed in the Marquis data breach includes names, addresses, phone numbers, Social Security numbers, Taxpayer Identification Numbers, financial account information, and dates of birth. This constitutes a significant exposure of personally identifiable information (PII), which put individuals at risk of identity theft and financial fraud.

According to the Maine Attorney General’s office, 864 Maine residents associated with Bellwether were affected. The Washington Attorney General’s office lists 41 affected individuals, and the Iowa Attorney General’s office reports seven. Notifications to affected individuals began Nov. 26, 2025, and will continue in the coming weeks.

Bellwether Community Credit Union's response

In response to the breach, Bellwether and Marquis have coordinated to notify all affected individuals and regulatory bodies. Marquis is providing complimentary credit monitoring and identity theft protection services through Epiq Privacy Solutions ID for those whose data was involved.

If you receive notification from Bellwether Community Credit Union or Marquis about this breach, you may want to:

Sign up for the free Epiq Privacy Solutions ID identity theft protection services offered by Marquis.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.