General Frequently Asked Questions
What happened?
On August 14, 2025, Marquis Software Solutions, a digital and physical marketing and communications company, identified suspicious activity on its network and later determined that it was the result of a cybersecurity incident. Upon learning of the incident, the vendor immediately launched an investigation, worked with Union State Bank to understand the scope of the issue, and engaged cybersecurity experts to assist. The vendor also promptly notified law enforcement.
Based on the information available to date, your personal information was accessed without authorization during the incident. Currently, there is no evidence of the misuse, or attempted misuse, of personal information as a result of this incident. Further, the incident was limited to the vendor’s environment as Union State Bank was not a current customer at the time of the incident.
After the incident occurred, Union State Bank worked closely with the vendor and cybersecurity experts to ensure that the vendor has secured its systems and implemented additional safeguards; conducted an internal review of all systems connected to the vendor; and enhanced its oversight protocols for third-party security management.
Why did I receive a written notice of the incident?
As part of its response to an incident that may have impacted information relating to individuals contained within databases, Marquis sent a notice to individuals who were affected by this incident. You received a notice because information relating to you was identified in the potentially impacted databases.
When did this happen?
The incident occurred on August 14, 2025.
Am I affected?
All individuals known to be affected were sent notification. If you did not receive notification, you were not affected. If you believe you may have been affected even though you did not receive notice, please contact customer service to provide your name and address and we will confirm whether your information was affected.
What information was affected?
Marquis cannot confirm if the unauthorized actor viewed any specific information within the impacted files. Notification of this event was sent to potentially impacted individuals for whom the unauthorized actor had contact information. That notice included specific details about the type(s) of data potentially accessible
for each person.
for each person.
What is Marquis doing in response to this incident?
Both Union State Bank and Marquis are committed to protecting the security and confidentiality of your information, and we deeply regret any inconvenience this may cause you. We want to assure you that upon learning of the incident, the vendor immediately launched an investigation and engaged the appropriate cybersecurity experts to assist. They also promptly notified law enforcement. Further, the incident was limited to the vendor’s environment as Union State Bank was not a current customer at the time of the incident.
How many individuals were affected?
We are not able to provide that information. Marquis has notified those individuals whose information was affected.
Why does Marquis Software Solutions have my information?
Marquis is a third-party vendor that provides marketing software services to banks and credit unions. Marquis had access to your information under the terms of a contract for software services with Union State Bank.
Why wasn't I informed of the incident sooner?
Upon learning of the incident, the vendor immediately launched an investigation, worked with Union State Bank to understand the scope of the issue, and engaged cybersecurity experts to assist. After completing the initial investigation, the credit union reviewed the files and folders accessed during the incident to confirm the specific information present. Notifications to individuals were made as quickly as possible thereafter.
Are my accounts safe?
There is no evidence customer funds were affected by this incident. As best practice, we always recommend monitoring your statements and reporting any unexpected activity.
Is it safe to use my credit / debit card?
There is no evidence of any misuse of your credit/debit card. As best practice, we always recommend monitoring your statements and reporting any unexpected activity.
The person who received the notice is deceased. Do I need to do anything?
We have no knowledge that your loved one’s information has been misused in any way. If you haven’t done so already, you may wish to contact your loved one’s credit card company or financial institution to cancel any existing credit card or bank accounts.
Is this legitimate? Is this a scam?
The notice that you received is legitimate. We are committed to protecting the security and confidentiality of your information, and we deeply regret any inconvenience this may cause you.
Why is the return address of my notice from Oregon?
This is the address of Marquis's mailing vendor, Epiq, who is assisting with mailing notification and sorting any returned mail.
Credit Monitoring FAQs
What is credit monitoring?
Credit monitoring is a very effective tool for becoming aware of fraudulent activity. Once activated, you’ll be informed of any changes to your credit file such as:
- New inquiries
- New accounts opened in your name
- Late payments
- Improvements in your report
- Bankruptcies and other public records
- New addresses
- New employers
Are you offering credit monitoring?
We are offering complimentary access to credit monitoring to certain individuals. Product and enrollment instructions regarding these services were included in the notification sent to impacted individuals.
How can I obtain a free copy of my credit report?
You may obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting companies. To order your annual free report please visit www.annualcreditreport.com, call toll free at 1-877-322-8228, or directly contact the three nationwide credit reporting companies.
What other options do I have to protect my information?
You can contact the three credit bureaus and place a fraud alert or freeze your credit.
Equifax: 1-800-525-6285 | www.equifax.com
Experian: 1-888-397-3742 | www.experian.com
TransUnion: 1-800-680-7289 | www.transunion.com
Equifax: 1-800-525-6285 | www.equifax.com
Experian: 1-888-397-3742 | www.experian.com
TransUnion: 1-800-680-7289 | www.transunion.com
What is a fraud alert?
A fraud alert on your credit report notifies lenders and creditors who pull your report to take additional steps to verify your identification before they extend a credit line or loan in your name. You may place a free 90-day fraud alert on your credit report with any of the three major credit bureaus, namely Equifax, Experian, and TransUnion. Once you place an alert with one of the three agencies, it is shared with the other two agencies. You do not need to contact all three agencies.
What is a credit/security freeze?
You have the right to place a “security freeze” on your credit report, which will prohibit a consumer reporting agency from releasing information in your credit report without your express authorization. The security freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. However, you should be aware that using a security freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be charged to place or lift a security freeze on your credit report.
What is the difference between a Credit Freeze and a Fraud Alert on my Credit Report?
A fraud alert tells creditors to contact you personally before they open any new accounts. A security freeze prohibits, with certain specific exceptions, the consumer reporting agencies from releasing your credit report or any information from it without your express authorization.
Will I be automatically charged after the complimentary credit and identity monitoring service expires?
You will not be charged automatically after your complimentary credit and identity monitoring services expire. You do not need to provide any payment information to enroll in the services.
I am having trouble enrolling in the offered credit monitoring.
First you should verify that you are visiting the correct website, www.privacysolutionsid.com. Next confirm that you are entering the 12 digit activation code in the space labeled “Enter Activation Code”. If you are still experiencing difficulty, please call directly at 866.675.2006, Monday-Friday 9:00 a.m. to 5:30 p.m., ET.