Norway Savings Bank Data Breach 2025, 51,000 Customers’ SSNs and Financial Data Exposed in Marquis Software Ransomware Attack

ByAll About Lawyer Reading Time: 6 minutes

Norway Savings Bank (NSB), a Maine-based mutual financial institution serving customers since 1866, reported a data breach affecting 51,000 customers after a ransomware attack struck its third-party data services provider, Marquis Software Solutions, on August 14, 2025. The breach exposed names, addresses, dates of birth, Social Security numbers, Tax Identification Numbers, and financial account details. 

Multiple law firms are actively investigating class action claims. No lawsuit has been filed and no settlement exists. Affected customers should enroll in NSB’s free identity protection offer immediately.

Quick Facts

  • Incident type: Third-party ransomware attack via vendor Marquis Software Solutions
  • Defendant: Norway Savings Bank / Marquis Software Solutions
  • Breach date: August 14, 2025
  • Discovery date: August 14, 2025
  • Notification date: November 21, 2025
  • People affected: 51,000 total — 44,259 Maine residents
  • Data exposed: Names, addresses, DOB, SSNs, Tax IDs, financial account information
  • Settlement: ❌ None — class action investigation underway
  • Claim form: ❌ None available yet
  • Free protection offered: ✅ 12–24 months IDX credit monitoring
  • Official AG filing: Maine Attorney General’s Office — November 21, 2025
  • NSB website: norwaysavings.bank

What Happened

On August 14, 2025, cybercriminals infiltrated Marquis Software Solutions’ network through a SonicWall firewall vulnerability, executing a ransomware attack that stole customer data files before encrypting the company’s systems.

Marquis is a software vendor that provides marketing and compliance solutions to banks and credit unions, including Norway Savings Bank. The breach did not involve Norway Savings Bank’s own internal systems — it occurred entirely within Marquis’s data environment.

Reports indicate that Marquis paid a ransomware bounty shortly after discovering the attack. On October 27, 2025 — more than two months after the breach — Marquis concluded its forensic investigation and began notifying its affected financial institution clients, including Norway Savings Bank. NSB then notified affected customers on November 21, 2025.

How Many People Were Affected — and Beyond NSB

The Norway Savings Bank breach is one piece of a far larger supply chain attack. Because Marquis serves over 700 financial institutions, the total victim count continues rising. Other confirmed affected institutions include CoVantage Credit Union (160,000 members) and Maine State Credit Union (38,334).

The breach affected consumers across multiple states: Texas (354,000 individuals), Washington (269,773), and Massachusetts (280,375), with significant numbers also in South Carolina, Maine, and New Hampshire.

Norway Savings Asset Management Group accounts were not impacted.

What Data Was Exposed

The investigation confirmed that the following personally identifiable information was accessed: names, addresses, dates of birth, Social Security numbers, Tax Identification Numbers, and financial account details.

If you received a breach notice from NSB, your personal information — including potentially your Social Security number — may already be offered for sale on the dark web.

Free Protection NSB Is Offering

Norway Savings Bank is offering 12 to 24 months of free identity theft protection and credit monitoring through IDX. The package includes CyberScan dark web monitoring, a $1 million identity theft insurance policy, and fully managed ID recovery services.

Customers must enroll before the deadline stated in their individual notification letter. Call IDX Monday–Friday, 8 a.m.–8 p.m. using the number provided in your letter.

Related article: Total Wireless & Veriff Data Breach 2026, Three Class Actions Filed After Government IDs Stolen in Identity Verification Hack

Norway Savings Bank Data Breach 2025, 51,000 Customers' SSNs and Financial Data Exposed in Marquis Software Ransomware Attack

Legal Action: Class Action Investigation Underway

Multiple law firms are investigating whether a class action lawsuit can be filed against Norway Savings Bank and/or Marquis Software Solutions.

Affected individuals — including current and former NSB customers — may be able to pursue legal action via mass arbitration or class action for potential violations of their rights, with possible recovery of hundreds of dollars.

Firms actively investigating include:

  • Markovits, Stock & DeMarco, LLC — Terry Coates, (513) 651-3700, [email protected]
  • Wolf Haldenstein Adler Freeman & Herz LLP — (212) 545-4600
  • Chimicles Schwartz Kriner & Donaldson-Smith LLP — chimicles.com
  • The Lyon Firm — thelyonfirm.com

Consultations are free and no-obligation. Compensation in similar cases has included recovery for time and expenses addressing the breach, out-of-pocket losses from identity theft, loss of privacy, and statutory damages.

No lawsuit has been filed as of March 5, 2026. No settlement exists. This page will be updated when any case is filed or a claim process opens.

What Affected Customers Should Do Right Now

1. Enroll in free IDX protection. Use the enrollment instructions in your breach notification letter before the deadline. This is the single most important step you can take right now.

2. Place a free credit freeze with all three major bureaus — Equifax (equifax.com), Experian (experian.com), and TransUnion (transunion.com). A freeze costs nothing and blocks new accounts from being opened in your name.

3. Set fraud alerts. Place a one-year fraud alert with any one bureau — it automatically notifies the other two.

4. Monitor your bank accounts closely. Use NSB’s mobile app to enable real-time account alerts and use the CardHub feature to instantly disable your card if suspicious activity appears.

5. Watch for phishing attempts. Stolen SSNs and financial details are commonly used in targeted phishing emails and phone scams. Be skeptical of unsolicited contact claiming to be from NSB or government agencies.

6. Contact a data breach attorney for a free consultation if you believe your data was compromised.

Broader Context: Third-Party Vendor Breaches Are Accelerating

The Norway Savings Bank breach follows a pattern increasingly familiar in financial services — where institutions’ own systems are secure, but vendor supply chains become the attack surface.

The Betterment data breach of January 2026 — which exposed 1.4 million customers — also originated through a third-party vendor compromise, this time via social engineering of a CRM platform. Two class action lawsuits followed within weeks.

For a case where a third-party vendor breach resulted in a major settlement consumers can still file claims for today, see AllAboutLawyer.com’s coverage of the $117.5M Comcast data breach settlement — where a software vulnerability at a third-party provider exposed 31.6 million customers, with claims open through August 14, 2026 — and the Betterment data breach lawsuits, currently at the same early investigation stage as this case.

FAQs

Is there a Norway Savings Bank class action settlement I can join? 

No settlement exists as of March 5, 2026. Multiple law firms are investigating whether a class action can be filed. Contact the attorneys listed above for a free consultation.

Was NSB’s own system hacked? 

No. The breach occurred entirely within Marquis Software Solutions’ data environment. Norway Savings Bank’s internal systems were not involved.

What data was stolen?

 Names, addresses, dates of birth, Social Security numbers, Tax Identification Numbers, and financial account details. Norway Savings Asset Management Group accounts were not affected.

How many people were affected? 

At least 51,000 NSB customers — including over 44,000 Maine residents. The broader Marquis attack affected over 800,000 individuals across more than 80 financial institutions.

Why did it take so long to notify customers?

 Marquis did not conclude its forensic investigation until October 27, 2025 — more than two months after the August 14 breach. NSB notified customers on November 21, 2025, after receiving Marquis’s findings. The three-month gap between breach and notification is a central issue in the class action investigations.

I didn’t get a notification letter. Am I still affected?

 If you are an NSB customer and did not receive a letter, contact NSB directly at norwaysavings.bank or call your local branch. The Maine AG filing lists 44,259 Maine residents as affected — out-of-state customers may have been notified separately.

What should I do with my Social Security number now? 

Place an immediate credit freeze at all three major bureaus. Consider also placing a self-lock on your SSN through the Social Security Administration’s ssa.gov e-Verify portal, which prevents your number from being used to verify employment by others.

By AllAboutLawyer.com Staff | Last Updated: March 5, 2026

This article is for informational purposes only and does not constitute legal advice. Legal claims and outcomes depend on specific facts and applicable law. For advice regarding a particular situation, consult a qualified attorney.

About the Author

Sarah Klein, JD

Sarah Klein, JD, is a licensed attorney and legal content strategist with over 12 years of experience across civil, criminal, family, and regulatory law. At All About Lawyer, she covers a wide range of legal topics — from high-profile lawsuits and courtroom stories to state traffic laws and everyday legal questions — all with a focus on accuracy, clarity, and public understanding.
Her writing blends real legal insight with plain-English explanations, helping readers stay informed and legally aware.
Read more about Sarah

Leave a Reply

Your email address will not be published. Required fields are marked *