Fintech agency Marquis advised prospects that it plans to hunt compensation from its firewall supplier after blaming the corporate for a breach that allowed hackers to steal its prospects’ private and monetary knowledge.
In a memo shared with prospects this week and seen by TechCrunch, Marquis stated it believes that its August 2025 ransomware assault occurred as a result of the corporate’s firewall service supplier SonicWall had its personal knowledge breach that uncovered vital safety details about its prospects’ firewalls. That earlier breach of SonicWall allowed hackers to acquire credentials wanted to launch a ransomware assault in opposition to Marquis, the memo stated.
Marquis stated its third-party investigation decided that the hackers obtained details about its firewall throughout the breach at SonicWall, which Marquis claims was used to bypass its firewall. Marquis confirmed within the communication that it saved a backup of its firewall configuration file in SonicWall’s cloud.
The corporate was “evaluating its choices” concerning its firewall supplier, together with the “recoupment of any bills spent by Marquis and its prospects in responding to the info incident,” in response to the memo.
When reached for remark, Hanna Grimm, an company spokesperson representing Marquis, didn’t deal with or dispute the corporate’s current communication to prospects however reiterated the declare linking its breach with an earlier theft of its firewall configuration.
“In September 2025, after the info safety incident affected our programs, our firewall service supplier, an industry-leading cybersecurity firm, publicly disclosed {that a} risk actor had earlier within the yr gained unauthorized entry to its cloud backup service,” the assertion stated.
“Marquis had just lately begun utilizing this supplier’s firewalls to assist defend our community,” the assertion added. “Whereas the supplier initially reported that fewer than 5% of consumers had been affected, it later clarified in October 2025 that firewall configuration knowledge and credentials related to all prospects utilizing the cloud backup service, together with Marquis, had been accessed.”
When contacted by TechCrunch, SonicWall spokesperson Bret Fitzgerald stated that the corporate has requested Marquis for proof to substantiate its claims and stated it will proceed to have interaction with its buyer.
“We’ve no new proof to ascertain a connection between the SonicWall safety incident reported in September 2025 and ongoing world ransomware assaults on firewalls and different edge units,” Fitzgerald stated.
The Texas-based Marquis, which permits a whole bunch of banks and credit score unions to visualise their prospects’ knowledge, started notifying a whole bunch of 1000’s of individuals final month that their data was taken throughout its ransomware assault.
The corporate has entry to giant quantities of information belonging to shopper banking prospects throughout the U.S., together with private data, monetary knowledge, and Social Safety numbers, which the hackers stole.
SonicWall conceded in October that an earlier breach of its programs had in truth affected all of its prospects who backed up their firewall recordsdata to SonicWall’s cloud. It had beforehand stated hackers stole only a fraction of its customers’ firewall configuration files containing insurance policies and settings.
Within the communication seen by TechCrunch, Marquis stated it known as in a 3rd social gathering to research whether or not a patch it had didn’t roll out on the time of the breach might have been in charge however concluded that the patch associated to a flaw was not exploitable in a method that might have allowed hackers to entry the corporate’s knowledge.
Marquis’ spokesperson declined to supply quite a lot of what number of people are affected by its knowledge breach. The variety of people identified to be affected by the breach is anticipated to rise as new knowledge breach notifications are submitted to state attorneys common.
Are you aware extra in regards to the Marquis knowledge breach? Do you’re employed at Marquis or an organization affected by the breach? We’d love to listen to from you. To securely contact this reporter, you possibly can attain out utilizing Sign by way of the username zackwhittaker.1337
