Ethical Hacking News
Marquis Reveals Devastating Ransomware Attack: 672K Individuals Affected by Cyber Breach
A Texas-based financial services provider has revealed that a ransomware attack in August 2025 resulted in the theft of sensitive data from over 670,000 individuals. The company blamed the breach on a security vulnerability disclosed by SonicWall and is now defending multiple lawsuits related to the incident.
Marquis, a Texas-based financial services provider, was hit by a devastating ransomware attack that resulted in the theft of sensitive data from over 670,000 individuals. The attack compromised Marquis' network and disrupted operations at 74 banks across the United States. The breach occurred when SonicWall's cloud backup service was compromised by threat actors on August 14, 2025. The stolen data included personal and financial information without security or access codes. Marquis acknowledged that affected individuals may have had their personal data accessed by the attackers. A Mandiant investigation linked the attack to a state-sponsored hacking group. Marquis filed a lawsuit against SonicWall, accusing the cybersecurity company of gross negligence and misrepresentation. The company is also defending over 36 consumer class action lawsuits stemming from the cyberattack and data breach. The incident highlights the ongoing threat of cyberattacks and the need for companies to prioritize cybersecurity measures.
Marquis, a Texas-based financial services provider, has been left reeling from a devastating ransomware attack that saw sensitive data of over 670,000 individuals stolen in August 2025. The cyberattack not only compromised the company's network but also disrupted operations at 74 banks across the United States.
According to a statement filed with U.S. Attorney General offices in early December, Marquis suffered a ransomware attack on August 14, 2025, after SonicWall's cloud backup service was compromised by threat actors. The breach resulted in the theft of personal and financial information, including names, dates of birth, addresses, phone numbers, Social Security numbers, Taxpayer Identification Numbers, and financial account information without security or access codes.
The incident was limited to Marquis' systems and did not affect its customers' systems, the company stated. However, it acknowledged that affected individuals may have had their personal data accessed by the attackers. The company worked as quickly as possible to validate and identify individuals whose information may have been affected by the incident, with the help of its customers.
Marquis blamed the ransomware attack on a security breach disclosed by SonicWall on September 17, 2025. At the time, SonicWall warned customers to reset their MySonicWall account credentials due to a potential vulnerability in its cloud backup service. The company stated that the incident affected only about 5% of its firewall customers using the service and that the attackers could extract access credentials and tokens, making it easier for them to compromise affected customers' firewalls.
A Mandiant investigation into the September attack found evidence linking the incident to a state-sponsored hacking group. In response, Marquis filed a lawsuit against SonicWall in February, accusing the cybersecurity company of gross negligence and misrepresentation. The lawsuit alleged that SonicWall's conduct led to damages for Marquis, including lost customers, harm to its business reputation, lost business opportunities, revenue, and profit.
In addition to the lawsuit, Marquis is also defending over 36 consumer class action lawsuits stemming from the August 2025 cyberattack and the resulting data breach. The company is seeking monetary damages, indemnification, contribution for any judgments in the related class actions, attorneys' fees, and equitable relief.
The devastating ransomware attack on Marquis highlights the ongoing threat of cyberattacks and the need for companies to prioritize cybersecurity measures. With the increasing sophistication of malware and the growing number of state-sponsored hacking groups, it is essential for organizations to stay vigilant and take proactive steps to protect their networks and data.
In response to the incident, Marquis has implemented additional security measures to prevent similar breaches in the future. The company has also emphasized the importance of cybersecurity awareness among its customers and employees, encouraging them to report any suspicious activity and to use strong passwords and security protocols.
As the cybersecurity landscape continues to evolve, it is crucial for companies like Marquis to lead by example and set high standards for cybersecurity best practices. By prioritizing network security and taking proactive steps to protect against cyber threats, organizations can minimize the risk of data breaches and maintain the trust of their customers.
In conclusion, the ransomware attack on Marquis serves as a stark reminder of the devastating consequences of cyberattacks and the importance of prioritizing cybersecurity measures. As the threat landscape continues to evolve, it is essential for companies like Marquis to stay vigilant and take proactive steps to protect their networks and data.
Related Information:
https://www.ethicalhackingnews.com/articles/Marquis-Reveals-Devastating-Ransomware-Attack-672K-Individuals-Affected-by-Cyber-Breach-ehn.shtml
https://www.bleepingcomputer.com/news/security/marquis-ransomware-gang-stole-data-of-672-000-people-in-2025-cyberattack/
https://securityboulevard.com/2025/12/marquis-data-breach-exposes-hundreds-of-thousands-of-bank-customers/
https://www.bleepingcomputer.com/news/security/marquis-data-breach-impacts-over-74-us-banks-credit-unions/
Published: Wed Mar 18 13:46:13 2026 by llama3.2 3B Q4_K_M
