CoVantage Credit Union Data Breach Affects 160k Members Exposing Social Security Numbers

On Aug. 14, 2025, CoVantage Credit Union, through its third-party vendor Marquis Software Solutions, experienced a data breach that affected 160,000 of its members.

Marquis, which provides digital and physical marketing services for CoVantage Credit Union, discovered suspicious activity on its network and determined that a cybersecurity incident had occurred. An unauthorized third party accessed Marquis’ systems and may have acquired files containing sensitive personal information.

The breach was limited to Marquis’ environment and did not impact CoVantage Credit Union’s internal systems. After the incident was identified, Marquis launched an investigation with the help of cybersecurity experts and notified federal law enforcement. By Sept. 8, 2025, Marquis had engaged an expert to identify the individuals affected and the specific data involved.

On Oct. 27, 2025, Marquis began notifying its clients about the affected individuals and the compromised information.

The types of information exposed in this breach include names, addresses, phone numbers, Social Security numbers, financial account information and dates of birth.

As of the most recent state disclosures, 613 individuals in Texas, 22 in New Hampshire, 36 in Massachusetts and 21 in Maine were affected. The breach was disclosed to the attorneys general offices of Maine, Massachusetts, New Hampshire and Texas beginning on Nov. 26, 2025.

CoVantage Credit Union and Marquis Software Solutions's response

For those affected, Marquis is offering 24 months of complimentary credit monitoring and identity protection services through Epiq Privacy Solutions ID. This includes three-bureau credit monitoring, credit report and score access, $1 million in identity theft insurance, dark web monitoring, lost wallet assistance and identity restoration services.

Affected individuals will receive mailed notifications with instructions on how to enroll in these services and a dedicated response line has been set up at 855-403-1764 for questions.

Given the nature of the breach, individuals are encouraged to remain vigilant by monitoring their account statements and credit reports for unauthorized activity. Taking advantage of the complimentary credit monitoring is highly recommended. Additional steps, such as placing a fraud alert or security freeze on credit reports, can provide further protection.