A ransomware attack on Marquis, a Texas-based fintech company that serves hundreds of banks, exposed the personal and financial data of more than 672,000 individuals.
The stolen data includes names, dates of birth, addresses, bank account numbers, credit and debit card details, and Social Security numbers-enough to enable identity theft and fraudulent financial activity.
In August 2025, hackers reportedly infiltrated Marquis’ systems. The company later sued firewall provider SonicWall, alleging that a flaw in its cloud backup system allowed attackers access to critical network configurations.
Marquis responded by taking affected systems offline and engaging cybersecurity experts. The breach underscores how third-party firms in the banking ecosystem can pose significant risks to consumer data.
Security experts warn that when firewall configurations and credentials are leaked, attackers gain detailed insights into network defenses, enabling deeper intrusions.
The incident has prompted concerns about accountability among cybersecurity providers and the broader implications for financial privacy.