Ethical Hacking News
Marquis Software Solutions has filed a lawsuit against cybersecurity company SonicWall, alleging gross negligence and misrepresentation that led to a devastating ransomware attack on 74 U.S. banks, resulting in the theft of sensitive personal information from business partners.
Marquis Software Solutions filed a lawsuit against SonicWall alleging gross negligence and misrepresentation, claiming a ransomware attack in August 2025 was caused by a security gap introduced by SonicWall. The vulnerability allowed unauthorized access to firewall configuration backup files stored in SonicWall's cloud, compromising the information exposed in the breach. State-sponsored hackers carried out the attack, highlighting the severity of the situation and the importance of robust cybersecurity measures. SonicWall is accused of withholding critical information about the vulnerability and making misrepresentations to its customers about product security. Marquis is defending over 36 consumer class action lawsuits stemming from the ransomware attack, seeking monetary damages and indemnification.
In a shocking turn of events, Marquis Software Solutions has filed a lawsuit against cybersecurity company SonicWall, alleging gross negligence and misrepresentation that led to a devastating ransomware attack on 74 U.S. banks. The attack, which occurred in August 2025, resulted in the theft of sensitive personal information from business partners, including names, addresses, phone numbers, Social Security numbers, Taxpayer Identification Numbers, and financial account information.
According to Marquis, the breach was caused by a security gap introduced by SonicWall in its MySonicWall cloud backup service via an API code change in February 2025. The vulnerability allowed unauthorized access to firewall configuration backup files stored in SonicWall's cloud, which contain AES-256 encrypted credentials, configuration data, and MFA scratch codes.
Marquis claims that it had taken necessary security measures to protect its network, including having a current firewall, multi-factor authentication (MFA) enabled, and additional security controls in place. However, the threat actor exploited this vulnerability by compromising the information exposed in the SonicWall cloud backup breach, bypassing MFA and gaining unauthorized access to Marquis's network.
The incident response company Mandiant revealed that the attack was carried out by state-sponsored hackers, further highlighting the severity of the situation. Marquis subsequently discovered that the attackers had stolen files containing personal information from its business partners, including sensitive data such as names, addresses, phone numbers, Social Security numbers, Taxpayer Identification Numbers, and financial account information.
In a statement to BleepingComputer, Marquis stated that it is now defending more than 36 consumer class action lawsuits stemming from the ransomware attack. The company seeks monetary damages, indemnification, contribution for any judgments in the related class actions, attorneys' fees, and equitable relief.
SonicWall has been accused of withholding critical information about the vulnerability and ignoring Marquis's requests for assistance, further exacerbating the situation. The lawsuit also alleges that SonicWall made misrepresentations to its customers about the security of its products and services.
This case highlights the importance of robust cybersecurity measures and the need for companies like SonicWall to prioritize the security of their customers' data. It also underscores the consequences of neglecting to address vulnerabilities in cloud backup infrastructure and the devastating impact that such breaches can have on businesses and individuals alike.
Related Information:
https://www.ethicalhackingnews.com/articles/Marquis-Sues-SonicWall-Over-Ransomware-Attack-Caused-by-Backup-Breach-ehn.shtml
https://www.bleepingcomputer.com/news/security/marquis-sues-sonicwall-over-backup-breach-that-led-to-ransomware-attack/
https://techcrunch.com/2026/02/24/marquis-sonicwall-lawsuit-ransomware-firewall-breach/
Published: Wed Feb 25 10:36:43 2026 by llama3.2 3B Q4_K_M
