A significant ransomware attack on Marquis, a Texas-based fintech company, has resulted in the exposure of sensitive personal and financial information belonging to at least 672,075 individuals. The breach, which occurred in August 2025, compromised data including names, dates of birth, addresses, bank account details, credit card numbers, and Social Security numbers, putting a large number of customers at risk of identity theft and financial fraud.

Key Takeaways

• A ransomware attack on Marquis, a fintech firm serving banks, exposed the data of over 672,000 individuals.

• Stolen information includes Social Security numbers, bank account details, and credit card information.

• Marquis alleges a security flaw in its firewall provider, SonicWall, contributed to the breach.

• Affected individuals are advised to monitor accounts, change passwords, and consider credit freezes.

The Marquis Data Breach

Marquis, a company that provides data analytics tools to hundreds of banks, experienced a ransomware attack in August 2025. Hackers gained access to the company's systems, stealing sensitive data and deploying ransomware. The full extent of the breach has since been disclosed, revealing that over 672,000 people were affected. While a majority of those impacted are in Texas, customers from multiple regions are involved.

The compromised data is highly sensitive and includes details that can be used for serious identity fraud. This includes names, dates of birth, home addresses, bank account details, debit and credit card numbers, and Social Security numbers.

Allegations Against SonicWall

In the aftermath of the breach, Marquis filed a lawsuit against its firewall provider, SonicWall. Marquis alleges that a security flaw in SonicWall's cloud backup system allowed attackers to steal critical configuration files. According to the lawsuit, these files provided hackers with a detailed roadmap of Marquis' network defenses, enabling them to access systems, steal data, and deploy ransomware. Marquis further claims that SonicWall was aware of the compromise but did not promptly disclose the full scope, delaying Marquis' ability to take protective actions.

Marquis's Response

Marquis stated that upon identifying the security incident, they immediately enacted incident response protocols, including taking affected systems offline. They engaged third-party cybersecurity experts for a comprehensive investigation and notified law enforcement. A spokesperson for Marquis confirmed that their firewall service provider, an industry-leading cybersecurity company, had disclosed a threat actor gaining unauthorized access to its cloud backup service earlier in the year. Marquis had recently started using this provider's firewalls.

Impact and Protective Measures

This breach highlights the risks associated with third-party vendors in the financial sector. When a company like Marquis, which handles sensitive data for numerous banks, is compromised, the impact can be widespread. The stolen information can be used for various fraudulent activities, including opening new credit accounts, taking out loans, or accessing existing bank accounts.

To mitigate the risks, individuals whose data may have been exposed are advised to take several protective steps:

1. Monitor Accounts: Closely check bank and credit card statements for any unauthorized transactions.

2. Change Passwords: Update passwords for all important accounts, especially financial and email, using strong, unique combinations.

3. Enable Two-Factor Authentication (2FA): Implement 2FA wherever possible for an extra layer of security.

4. Consider Credit Freeze/Fraud Alert: Place a fraud alert or freeze credit reports to make it harder for criminals to open new accounts.

5. Watch for Scams: Be wary of phishing attempts or suspicious communications that may impersonate financial institutions.

6. Check Data Exposure: Utilize services like Have I Been Pwned to see if email addresses have been compromised in other breaches.

7. Update Devices: Ensure all devices and software are up-to-date with the latest security patches.

Broader Implications

The incident raises critical questions about accountability and security practices within the fintech industry. The reliance on third-party vendors means that a vulnerability in one company can have cascading effects on many others. The legal dispute between Marquis and SonicWall underscores the complexities of cybersecurity responsibility when security providers themselves are implicated in breaches.

By staying vigilant and adopting safe browsing practices, users can significantly reduce their exposure to these evolving threats. As cyber threats continue to evolve, your security strategy needs to evolve with them. BetterWorld Technology delivers adaptive cybersecurity solutions designed to keep your business secure while supporting innovation. Connect with us today to schedule a personalized consultation.

Sources

• Marquis bank data breach exposes 672,000 in ransomware attack, Fox News.

• Banking tech data breach exposes 672K in ransomware attack, AOL.com.

• Marquis Ransomware Attack Exposes 672K Social Security Numbers, The Tech Buzz.

• Data breach revealed, potentially impacting several banks, AOL.com.