Marquis Blames Firewall Provider for Data Breach
Fintech firm Marquis is seeking compensation from its firewall provider, SonicWall, following a ransomware attack in August 2025 that resulted in hackers stealing its customers’ personal and financial data. In a memo shared with customers and seen by TechCrunch, Marquis stated that it believes the breach occurred due to a previous data security incident involving SonicWall, which exposed critical information about its customers’ firewalls. The attack, according to Marquis, allowed hackers to gain access to credentials needed to launch the ransomware attack.
Third-Party Investigation Links Attack to SonicWall Breach
Marquis conducted a third-party investigation into the breach and concluded that hackers used information obtained from SonicWall’s earlier breach to bypass its firewall. The company confirmed that it stored a backup of its firewall configuration file on SonicWall’s cloud service, which the hackers allegedly accessed during the breach. Marquis is now evaluating its options, including seeking reimbursement for expenses incurred in responding to the incident.
SonicWall Responds to Marquis’ Claims
SonicWall has not accepted responsibility for the breach and has asked Marquis for evidence to substantiate its claims. A spokesperson for the company, Bret Fitzgerald, stated that they have yet to establish a direct connection between the earlier security incident and the ongoing ransomware attacks targeting firewalls. SonicWall had publicly disclosed in September 2025 that it had suffered a breach, affecting customers who used its cloud backup service. Initially, SonicWall reported that fewer than 5% of customers were impacted, but in October 2025, it clarified that all customers using the service, including Marquis, had their firewall configuration data and credentials accessed.
Impact on Marquis Customers and Data Security
Marquis, which serves hundreds of banks and credit unions, began notifying customers in November 2025 about the data breach. The stolen data includes personal information, financial details, and Social Security numbers of hundreds of thousands of individuals. SonicWall, based in Texas, conceded that its earlier breach affected all customers who backed up their firewall files to the cloud. However, SonicWall initially downplayed the extent of the breach, suggesting that only a small fraction of customers’ firewall files were compromised.
Marquis Investigates Other Potential Causes for Breach
In its communication, Marquis mentioned that it had also investigated whether a patch it failed to deploy could have contributed to the breach. However, the company determined that the flaw addressed by the patch was not exploitable in a way that would have allowed hackers to access its data. While Marquis has not disclosed how many individuals are affected by the breach, the number of affected individuals is expected to rise as new data breach notifications are filed with state attorneys general.
Featured image credits: arrow – stock.adobe.com
For more stories like it, click the +Follow button at the top of this page to follow us.