Norway Savings Bank customer data exposed via Marquis attack

Published: 22 November 2025
Last updated: 22 November 2025
NBS data in attackers hands

US-based Norway Savings Banks (NSB) informed clients that their personal details were exposed following a ransomware attack on the banks’ software provider.

NSB issued a data breach notice to tens of thousands of its customers, following a major attack against its data services provider, Marquis. Marquis is a Texas-based digital marketing, compliance solution and CRM software provider, working with over 700 banks in the US.

According to NSB's data breach notice, its third-party service provider suffered a data breach in mid-August of 2025. While the breach notice doesn’t specify the service provider, the company said it was Marquis in the form submitted to the Maine Attorney General’s Office.

ADVERTISEMENT
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

While the data breach did not impact NSB's internal systems, attackers got their hands on data the bank shared with its service provider. According to the breach notification, the exposed details include:

  • Names
  • Addresses
  • Dates of birth
  • Social Security numbers
  • Tax ID numbers
  • Financial account information

Leaking this type of information could put users at increased risk of privacy breaches. For one, attackers could utilize this data for identity theft purposes by setting up fraudulent accounts or filing fraudulent tax claims.

However, NSB said it will provide impacted customers with credit monitoring and identity theft protection services to help alleviate the risks related to the third-party hacker attack. In total, 51,000 NSB clients were exposed in the attack.

Most likely, NSB will not be the last American financial institution to suffer from the Marquis attack. Earlier this week, Community 1st Credit Union (C1st) submitted its own data breach notice about Marquis attack’s impact on its customer to the Iowa Attorney General.

Has my data been leaked?
Check Now

Interestingly, the C1st’s data breach notice clearly indicates that Marquis paid attackers. While not illegal, paying the ransom carries numerous risks as there’s zero guarantee that operators will not share stolen data on the dark web.

ADVERTISEMENT

Additionally, paying the ransom might send a signal to other attackers that an institution is likely to pay up in case of an attack, encouraging cybercrooks to target the same organizations multiple times.

Unlock more exclusive Cybernews content on YouTube

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked