Marquis, a fintech firm based in Plano, Texas, has disclosed that a significant data breach last year impacted over 672,000 individuals. This incident, which occurred during a ransomware attack in August 2025, has prompted the company to notify those affected about the theft of their personal and sensitive financial information.
According to a report filed with the Maine attorney general's office, the breach primarily affected residents in Texas, with more than half of the individuals residing in the state. This recent disclosure sheds light on the scale of the breach, providing the most comprehensive overview of the affected parties to date.
The attack compromised a wealth of sensitive data, including names, dates of birth, and postal addresses, alongside critical financial details such as bank account numbers, debit, and credit card information. Alarmingly, the hackers also accessed customers' Social Security numbers.
In response to the breach, Marquis has taken legal action against its firewall provider, SonicWall, claiming that security vulnerabilities contributed to the incident. The lawsuit alleges that SonicWall's failure to secure its systems allowed hackers to access firewall configuration backup files, which were then exploited to infiltrate Marquis' network and execute the ransomware attack.
Marquis has not publicly commented on these developments when approached by media outlets. However, the situation underscores the importance of robust cybersecurity measures in protecting sensitive information in the digital age.
As cybersecurity threats continue to evolve, this incident serves as a reminder of the ongoing challenges organizations face in safeguarding personal data. The future will likely see an increased emphasis on enhancing security protocols and fostering greater transparency to protect consumers' information.