400,000 Bank Accounts Exposed in Marquis Breach: What to Do Now (2026)

400,000 bank accounts were just compromised in a data breach you can protect yourself from right now. Here's how.

Yesterday, Marquis (a marketing company that works with over 700 banks) announced that hackers stole customer information including Social Security numbers, bank account details, and credit card numbers.

While this is serious, there are four specific steps you can take today to lock down your accounts and prevent fraud. Most take less than 15 minutes.

What Actually Happened

Think of your bank like a house. You trust the house to keep your valuables safe.

But your bank doesn't work alone. They hire other companies to help with marketing, compliance, and customer communication. One of these companies is called Marquis.

Marquis is like a property manager who has keys to 700 different houses. Banks and credit unions across the country share customer information with Marquis so they can send birthday cards, compliance notices, and promotional offers.

On August 14, 2024, hackers broke into Marquis's systems. They didn't break down the front door. They found an unlocked window: a known security hole in Marquis's digital security system (a firewall device) that the company forgot to patch. Think of it like a lock manufacturer issuing a recall for a defective lock, but Marquis never installed the replacement.

Here's the concerning part: Marquis didn't notice for months. The hackers had free access to explore their systems and copy whatever they wanted.

By the time Marquis discovered the breach and removed the hackers, it was too late. The damage was done.

400,000 people's information was already stolen.

Texas was hit the hardest, with over 354,000 residents confirmed affected. That's 88% of all victims. Other states include Maine, Iowa, Massachusetts, and New Hampshire.

This wasn't a simple data leak. This was a ransomware attack, likely conducted by a criminal group called Akira. These are professionals who make millions of dollars selling stolen identity information.

What Information Did They Steal

The hackers didn't just get your email address. They got everything needed to impersonate you.

Here's what was stolen:

• Your full name - Not just "John Smith" but exactly how it appears on your bank account.
• Your date of birth - Combined with other data, this opens the door to identity theft.
• Your Social Security number - This is the skeleton key to your entire financial life. With your SSN, criminals can open credit cards in your name, take out loans you never applied for, file fake tax returns and steal your refund, and access medical care using your insurance.
• Your home address - Makes phishing attacks more convincing when scammers know exactly where you live.
• Your bank account numbers - Both checking and savings account details.
• Your debit and credit card numbers - The full numbers, not just the last 4 digits.

Here's why this is more dangerous than a password leak: You can change a password in 30 seconds. You cannot change your Social Security number. It stays with you forever.

Once this information is stolen, it can be sold and resold on criminal marketplaces for years. Your identity could be used to commit fraud a decade from now.

Are You Affected? How to Find Out

Not everyone who banks in these states is affected. It depends on whether your bank uses Marquis for their marketing services.

Here's how to check:

Step 1: Look for breach notification letters

By law, Marquis must notify everyone affected. Check your physical mailbox (they're sending letters), email inbox (search for "Marquis" or "data breach"), and spam/junk folder (sometimes these emails get filtered).

Step 2: Contact your bank directly

Call your bank's customer service and ask: "Does our bank use Marquis Marketing Services for customer communications?" If yes, ask: "Have you been notified of any data breach affecting Marquis?"

Step 3: Watch for these warning signs

Even if you haven't received a letter, watch for:

• Credit card charges you didn't make
• New credit cards arriving that you didn't apply for
• Calls from debt collectors about accounts you don't recognize
• Tax return rejection (someone filed using your SSN)
• Medical bills for services you never received
• Emails about password resets you didn't request

The states with confirmed victims: Texas (354,000+ residents, 88% of all victims), Maine, Iowa, Massachusetts, and New Hampshire.

If you live in these states and use a local bank or credit union, assume you're at risk until proven otherwise.

Why You're Only Hearing About This Now

You might be wondering: "If this breach happened in August 2024, why am I just finding out in December 2025?"

Unfortunately, this is common. The typical timeline looks like this:

• August 2024: Hackers break in
• Months later: Marquis discovers the breach
• More months: Investigation to determine who was affected
• December 2025: Legal notifications sent to victims

What this 16-month gap means for you: If you were affected, criminals have potentially had access to your information for over a year. This is why checking your historical credit reports is critical, not just your current accounts.

What to look for in old credit reports:

• Accounts opened between August 2024 and now that you don't recognize
• Credit inquiries you didn't authorize (especially from late 2024/early 2025)
• Collection notices for debts you don't owe
• Address changes you didn't make

If you find fraudulent accounts from 2024, don't panic. You can still dispute them. Fraud doesn't have a statute of limitations. Contact the credit bureau immediately and file a dispute, even if the account is over a year old.

The FTC has a recovery plan specifically for this situation: identitytheft.gov

What Hackers Will Do With Your Information

Understanding what criminals do with stolen data helps you protect yourself.

Here's their playbook:

Attack 1: Open New Accounts in Your Name - With your name, SSN, and date of birth, criminals apply for credit cards (they max them out, you get the bill), car loans, mortgages, personal loans, and cell phone contracts. These show up on your credit report months later when collection agencies start calling.

Attack 2: Take Over Your Existing Accounts - They use your bank account numbers to drain your checking account, transfer money out of savings, set up fraudulent ACH transfers, and change your account passwords.

Attack 3: File Fake Tax Returns - Criminals file tax returns in your name, claim your refund, and disappear. When you file your real return, the IRS rejects it because "you already filed." Fixing this takes months and lots of paperwork.

Attack 4: Medical Identity Theft - They use your insurance information to get prescription drugs, receive medical procedures, and access emergency room care. This messes up your medical records and can affect future insurance coverage.

Attack 5: Impersonation Scams (Phishing) - With accurate personal details, scammers can impersonate people and institutions you trust. They know your real name, they know your actual bank, they create false urgency, and they ask for information they already have to verify you're real.

How to spot phishing: Real banks never ask for SSN or passwords via email. Hover over links before clicking (the URL won't match your bank's real website). Look for small spelling errors in the sender's email address. When in doubt, don't click the link. Instead, call your bank directly using the number on your debit card.

Attack 6: Sell Your Identity to Others - Your complete identity bundle sells for $50-$200 on dark web marketplaces. One breach, hundreds of criminals buying your data.

What to Do Right Now (24-Hour Action Plan)

Time is critical. The faster you act, the harder you make it for criminals to profit from your stolen information.

Action 1: Freeze Your Credit (Do This First)

A credit freeze is the single most powerful protection available after a breach like this. It prevents anyone (including you, until you temporarily lift it) from opening new credit accounts in your name.

What a freeze does:

• Blocks new credit card applications
• Blocks new loan applications
• Blocks new cell phone contracts
• Blocks new utility accounts

What a freeze does NOT do:

• Does NOT affect your existing credit cards (they work normally)
• Does NOT affect your existing loans or accounts
• Does NOT hurt your credit score
• Does NOT prevent you from using your debit card
• Does NOT prevent you from checking your credit report

Important distinction: Freeze vs. Lock

Some credit bureaus offer both "freezes" and "locks." They sound similar but work differently.

• Credit Freeze: Free by law, strongest protection, requires a PIN to lift
• Credit Lock: Often costs money, managed through an app, easier to toggle on/off

For maximum security after this breach, use a freeze, not a lock. Locks are convenient for people who apply for credit frequently. Freezes are better for long-term protection.

How to freeze (takes 15 minutes for all three):

You need to freeze at all three bureaus. Freezing at just one leaves the other two open for criminals to exploit.

• Equifax: Online at equifax.com/personal/credit-report-services/credit-freeze or Phone 1-800-349-9960. Create a PIN when you freeze (write it down somewhere safe).
• Experian: Online at experian.com/freeze/center.html or Phone 1-888-397-3742. You'll get a confirmation email with instructions to lift the freeze.
• TransUnion: Online at transunion.com/credit-freeze or Phone 1-888-909-8872. Save your login credentials for when you need to lift the freeze.

When you need to apply for credit: Log into the bureau's website, temporarily lift the freeze (usually takes 15 minutes to 1 hour), apply for credit, and re-freeze your credit after approval.

Some people keep their credit frozen year-round and only lift it when needed. This is the most secure approach.

Action 2: Set Up Fraud Alerts

This is easier than credit freezes but less secure. It tells lenders to verify your identity before approving credit.

You only need to contact one bureau (they notify the others). Call Equifax, Experian, or TransUnion and request a fraud alert. Fraud alerts last for 1 year and can be renewed. They're free.

Action 3: Check Your Bank Accounts Daily

For the next 30 days, check your accounts every single day. Log into online banking, review all transactions, look for small "test" charges ($1-$5), and check for any unfamiliar withdrawals.

Why small charges matter: Criminals often test stolen card numbers with tiny purchases to see if the card works before making big charges.

If you see anything suspicious, call your bank immediately, dispute the charge, and request a new debit/credit card with new numbers.

Action 4: Change Your Bank Passwords

If your bank password is anything like your name plus birthday, your pet's name, "Password123", or anything you use on other websites, change it immediately.

Here's the problem most people don't understand:

Research shows 73% of people reuse the same password across multiple accounts. If hackers have your bank password from the Marquis breach, and you also use that password for email, Amazon, PayPal, or social media, they can access all of those accounts.

The solution: Unique passwords for every account

But how do you remember 50 different passwords?

You don't. You use a password manager. This is software that stores all your passwords in an encrypted vault and auto-fills them when you need them.

How password managers prevent credential stuffing:

Credential stuffing is when hackers take a password leaked from one breach and try it on hundreds of other websites. If you reuse passwords, they get in. If every password is unique (which is impossible to remember on your own), they can't.

What to look for in a password manager:

• Zero-knowledge encryption (not even the company can see your passwords)
• Cross-platform support (works on your phone, computer, and tablet)
• Auto-fill (automatically enters passwords so you don't have to type them)
• A password generator (creates random 20+ character passwords for you)

Action 5: Enable Two-Factor Authentication

Even with a strong password, add two-factor authentication (2FA) to your bank account.

Normal login requires just a password. Two-factor login requires a password plus a code from your phone.

Even if hackers steal your password, they can't log in without the code from your phone, which they don't have.

How to enable it: Log into your bank account, go to Settings or Security, look for "Two-Factor Authentication" or "2-Step Verification", and follow the prompts (usually involves installing an app like Google Authenticator).

Use an app, not text messages. Here's why:

SIM swapping is when a hacker calls your phone company, pretends to be you, and convinces them to transfer your phone number to a different SIM card (one the hacker controls). Once they have your number, they receive all your text message codes, including 2FA codes. Phone companies fall for this trick more often than you'd think.

Authenticator apps (like Google Authenticator or Authy) generate codes directly on your phone. Even if a hacker gets your phone number, they can't get these codes without physically having your phone.

Action 6: Request Your Free Credit Reports

By law, you can get free credit reports once per year from each bureau.

Go to AnnualCreditReport.com (this is the official government-approved site) and request reports from all three bureaus: Equifax, Experian, and TransUnion.

Look for:

• Accounts you didn't open
• Credit inquiries you didn't authorize
• Addresses you've never lived at
• Employers you've never worked for

If you find anything suspicious, dispute it immediately through the bureau's website.

Long-Term Protection (What to Do This Month)

The immediate crisis management is done. Now let's talk about protecting yourself for the next 5-10 years.

Because here's the reality: this stolen data doesn't expire. Criminals can sit on it for years before using it.

Protection 1: Consider Identity Theft Protection

Unlike a stolen password, which you can change, your Social Security Number and date of birth are permanent. They stay in criminal hands forever.

This is where identity theft protection becomes valuable. These services monitor places you can't easily check yourself.

What they monitor:

• Dark web marketplaces where stolen SSNs are bought and sold
• Credit bureau files for new accounts opened in your name
• Public records like court filings and property records
• Banking transactions for unusual patterns that might indicate fraud

When they alert you:

• When someone posts your SSN for sale on a criminal forum
• When a new credit card is opened in your name
• When someone files for bankruptcy using your identity
• When a payday loan appears in your name
• When medical claims are submitted under your insurance

Real-world example:

A colleague had their SSN stolen in a 2019 data breach. They didn't sign up for monitoring. In 2023 (four years later) they started getting collection calls for a $15,000 personal loan they never took out. The loan was opened in 2020, three years of interest had accumulated, and their credit score dropped from 780 to 520.

If they'd had monitoring, they would have been alerted the day the loan application was submitted and could have stopped it immediately.

The question to ask yourself: Would you notice if someone opened a credit card in your name next month? Most people wouldn't until they checked their credit report six months later. By which time the damage is significant.

Is identity theft protection required? No. But after a breach this severe, it's a smart investment. Think of it like car insurance: you hope you never need it, but you're glad you have it when something happens.

Protection 2: Protect Your Privacy Online

After a breach like this, you're a target. Scammers know your name, address, and bank. They'll try to intercept your communications, especially when you're logging into sensitive accounts.

Public wifi at coffee shops, airports, and hotels is where they strike. When you connect to check your bank account, they can see everything.

A VPN encrypts your entire internet connection. Nobody can see what you're doing online, not hackers on the same network, not your internet provider, not anyone.

Protection 3: Secure Your Email Account

Your email is the master key to everything else. If hackers get into your email, they can reset passwords on your bank accounts, intercept 2FA codes, and access your cloud storage.

Secure your email now:

• Change your email password (make it unique)
• Enable 2FA on your email (use an authenticator app, not SMS)
• Review "Connected Apps" and remove anything suspicious
• Check "Forwarding Settings" to make sure emails aren't being forwarded to hackers

Protection 4: Add Another Layer with a Dedicated VPN

If you want maximum protection, especially when traveling or using public wifi frequently, consider a dedicated VPN service.

Protection 5: File Your Taxes Early (And Get an IRS IP PIN)

One of the most common identity theft tactics is filing fake tax returns.

Here's how it works: Criminal files a tax return in your name in January, they claim your refund, when you file your real return in April the IRS rejects it because "you already filed," and you spend months proving your identity to the IRS.

The fix: File your taxes in January as soon as you have your W-2s. Beat the criminals to it.

Even better: Get an IRS IP PIN

An Identity Protection PIN (IP PIN) is a 6-digit number assigned by the IRS that prevents anyone from filing a tax return in your name without it. Think of it as two-factor authentication for your taxes.

You can request an IP PIN at: irs.gov/ippin

Once you have an IP PIN, even if criminals have your SSN, they can't file a tax return without this additional code that only you have.

Protection 6: Beware of Follow-Up Scams

Now that your information is out there, expect more targeted scams.

Common tactics you'll see:

• Fake breach notifications: "Your account was involved in the Marquis breach. Click here to secure your account." That link goes to a fake website that steals your login.
• Phishing calls: "This is [Your Real Bank]. We detected fraud on your account. Please verify your Social Security Number." They already know your bank. They're fishing for the last pieces of information they don't have.
• "Fix your credit" scams: "We can remove the Marquis breach from your credit report for $299." No one can remove a legitimate data breach from your credit report. These are scams.

The rule: Never click links or give information to unsolicited emails or calls.

If your bank contacts you, hang up and call them back using the number on your debit card.

Download: Complete Bank Breach Protection Checklist

A step-by-step PDF checklist covering everything in this article plus additional security measures.

The checklist includes:

• Credit freeze instructions for all 3 bureaus (with direct links)
• Sample dispute letters for fraudulent accounts
• Bank notification templates
• Timeline for recovery (what to do week 1, month 1, month 6)
• Long-term monitoring plan
• Scam examples to watch for

Why This Breach Is Different (And More Concerning)

This breach has some unique characteristics that make it more dangerous:

1. The Data Can't Be Changed

Password breach? Change your password. Credit card breach? Cancel the card, get a new number. SSN breach? You're stuck with it forever.

Your Social Security number follows you your entire life. Once it's stolen, there's no reset button.

2. The Delay Creates a False Sense of Security

The breach happened in August 2024. It's now December 2025. That's a 16-month delay between when hackers stole your data and when you found out.

During those 16 months, criminals could have opened accounts in your name, racked up debt, filed fake tax returns, and sold your identity multiple times.

By the time you get the breach notification, the damage might already be done.

3. Third-Party Breaches Are Harder to Track

You chose your bank. You trust your bank.

But you probably never heard of Marquis until this week.

That's the problem with third-party vendors: You don't know who your bank shares your data with, and you have no control over their security practices.

Marquis had an unpatched firewall vulnerability. Your bank might have perfect security, but it doesn't matter if their vendors don't.

4. Ransomware Groups Are Getting Smarter

The Akira ransomware gang, likely responsible, doesn't just encrypt data anymore. They steal it first, then encrypt it.

This means even if Marquis refused to pay the ransom, the data was still stolen. The hackers can sell your information regardless of whether they got paid. Your data is now permanently in criminal hands.

This is called "double extortion" and it's becoming the norm.

Your 24-Hour Action Checklist

Print this out and check off each item:

Within 1 hour:

• Freeze credit at Equifax
• Freeze credit at Experian
• Freeze credit at TransUnion

Within 6 hours:

• Check bank account for suspicious activity
• Change bank account password
• Set up 2FA on bank account
• Set up fraud alert (call one bureau)

Within 24 hours:

• Request free credit reports (AnnualCreditReport.com)
• Set up credit monitoring or identity theft protection
• Change email password and enable 2FA
• Download bank breach protection checklist

This week:

• Review credit reports for fraudulent accounts
• Contact your bank to ask if they use Marquis
• Set up daily bank account alerts
• Consider getting a password manager
• Request IRS IP PIN (irs.gov/ippin)

This month:

• File your taxes early (if tax season)
• Review and close old accounts you don't use
• Check public records for your name (county clerk websites)
• Talk to family members (they might be affected too)

Stay Protected: Get Weekly Security Updates

Data breaches happen every week. Stay informed without the noise.

Every Tuesday, receive a 3-minute email covering:

• Latest breaches and if you're affected
• New scams to watch for
• One security tip you can implement in 5 minutes

Final Thoughts

The Marquis breach affects 400,000 people, but millions more will face similar breaches this year.

In 2024 alone, over 5.5 billion records were exposed in data breaches worldwide. That's 180 accounts breached every second.

You can't prevent companies from getting hacked. But you can control how prepared you are when it happens.

The difference between someone who recovers quickly and someone who spends years cleaning up identity theft comes down to one thing: how fast you act.

The steps in this article take less than 2 hours total. That's 2 hours that could save you from months of headaches and thousands of dollars in fraud.

Don't wait until you see fraudulent charges. Act now.

Questions? Email contact@safepasswordgenerator.net

Stay safe out there.

SafePasswordGenerator.net Team

Related Articles

• Generate a Strong Bank Password (Free Tool)
• 50,000 Breached Passwords Analyzed: What We Learned
• Public WiFi Safety: What Hackers Actually See
• Password Manager Comparison: 1Password vs Bitwarden