Fintech Firm Marquis Blames SonicWall Breach for Customer Data Theft, Seeks Compensation

Fintech provider Marquis attributes its August 2025 ransomware attack to a prior breach at firewall vendor SonicWall, claiming stolen cloud-stored firewall credentials enabled hackers to bypass defenses and exfiltrate sensitive customer data including Social Security and financial records. Marquis, serving hundreds of U.S. banks and credit unions, confirmed in a January 2026 memo that its third-party investigation traced the intrusion to SonicWall’s compromised cloud backup service—later acknowledged by SonicWall in October 2025 to have exposed all customers using the service, not just under 5% as initially reported. Marquis is now evaluating legal recourse to recover incident-related costs. SonicWall disputes the direct linkage, requesting evidence from Marquis while acknowledging the broader scope of its own breach.