Marquis, a Texas-based fintech firm, has notified over 672,000 individuals regarding a significant data breach that occurred last year. The company confirmed that hackers successfully exfiltrated personal and financial information during a ransomware incident in August 2025. This disclosure represents the most comprehensive public accounting of the breach's scope to date and follows a period of significant uncertainty for affected customers.
Affected individuals received notifications stating their names, dates of birth, and postal addresses were compromised by the intruders. Hackers also accessed sensitive financial records, including bank account numbers and credit card details stored within the company systems. Social Security numbers were among the most critical pieces of data reportedly stolen by the threat actors during the initial intrusion phase.
A listing filed with the Maine attorney general's office provided the specific count of 672,075 affected people across the United States. A separate data breach notice submitted to authorities in Texas indicated that more than half of the victims reside in that state. These documents confirm the scale of the exposure to regulators across multiple jurisdictions and establish legal compliance timelines and deadlines.
Marquis operates technology infrastructure used by hundreds of banks to analyze and visualize customer data for financial planning. The firm serves as a critical link between financial institutions and their client information systems, aggregating vast amounts of sensitive records. This centralization of data makes the company a high-value target for cybercriminals seeking access to banking records and identity information and profiles.
The company initiated legal action against its firewall provider, SonicWall, in February of the current year following the discovery of the breach. Marquis accuses the security vendor of negligence that allowed attackers to breach the network through known exploits. The lawsuit alleges that SonicWall created a vulnerability enabling the theft of critical configuration files necessary for defense systems.
According to the legal filing, hackers utilized stolen firewall configuration backups to compromise Marquis' internal systems effectively. This method allowed the threat actors to deploy ransomware and steal data without immediate detection by standard security monitoring tools. The alleged failure highlights the risks associated with third-party security vendor integrations and backup management protocols and procedures.
Cybersecurity experts note that supply chain attacks remain a persistent and evolving threat within the financial technology sector. When a vendor suffers a breach, all downstream clients often face exposure to the same vulnerabilities inherent in the shared infrastructure. Financial institutions must scrutinize the security protocols of their technology partners more rigorously to mitigate these systemic risks and liabilities.
Marquis did not provide an immediate comment when contacted by TechCrunch regarding the lawsuit or the specific details of the breach. The lack of official statement leaves the specific mitigation steps taken by the company unclear to the public and affected stakeholders. Regulatory bodies will likely require a detailed report on the security measures implemented following the incident to ensure future safety and compliance.
This incident underscores the growing complexity of securing data across interconnected financial networks and cloud-based service providers. The breach serves as a stark reminder that perimeter defenses alone cannot guarantee safety against sophisticated attacks targeting third parties. Banks relying on Marquis technology may need to reassess their own data protection strategies and vendor risk management processes and policies.
Observers will watch the outcome of the litigation between Marquis and SonicWall closely for indications of industry liability standards. The court findings could establish new precedents regarding vendor liability in data breach cases affecting financial consumers. Continued monitoring of consumer notifications will be necessary to assess the long-term impact on victims and the broader market dynamics.
