Fintech Firm Hit by Ransomware, Exposing 672,000 Financial Records

Fintech firm Marquis was hit by a ransomware attack, resulting in the leakage of financial and personal data belonging to over 672,000 individuals. The breach targeted a third-party tech company that the banks had outsourced operations to, rather than the banks' own systems.

Texas-based Marquis is a company that provides data analysis tools for customer behavior analysis and service improvement to hundreds of banks. Hackers breached Marquis's systems in August 2025, deploying ransomware and leading to the exposure of data belonging to at least 672,075 individuals. While over half of the victims resided in Texas, customers across multiple regions were impacted. The leaked information contains sensitive details that could be used for criminal activities like unauthorized account withdrawals, fraudulent loan applications, and identity theft.

Marquis has filed a lawsuit, attributing the attack to a security flaw by firewall provider SonicWall. Marquis alleges that SonicWall's cloud backup system was inadequately protected, exposing firewall configuration files, encrypted credentials, and detailed network architecture to the outside. Marquis explained that this information acted as a blueprint, allowing hackers to gain a comprehensive view of the internal systems.

In its lawsuit, Marquis claims that SonicWall failed to immediately disclose the extent of the breach even after learning that its cloud backup service had been compromised. Marquis argues that SonicWall's assurances that firewall protection remained intact delayed Marquis's proactive response, constituting gross negligence and a failure of basic cybersecurity responsibilities as a security vendor.