Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach

Marquis, a fintech company, has informed its customers of plans to pursue compensation from its firewall service provider, SonicWall, following a significant data breach. In a memo shared with clients, Marquis indicated that the ransomware attack, which occurred in August 2025, was facilitated by a previous security breach at SonicWall that exposed sensitive information about its firewall systems. According to the memo reviewed by TechCrunch, the breach at SonicWall enabled hackers to acquire the necessary credentials to target Marquis. An investigation conducted by a third party revealed that the attackers accessed crucial details about Marquis's firewall during SonicWall's earlier security incident, allowing them to bypass the company's defenses. Marquis acknowledged that it had stored a backup of its firewall configuration in SonicWall's cloud storage. The company is currently exploring various options regarding its relationship with SonicWall, including potential recovery of costs incurred by both Marquis and its customers due to the data breach. In a statement, Hanna Grimm, a spokesperson for Marquis, reaffirmed the connection between the two incidents without contradicting the information shared with customers. In her remarks, Grimm noted that SonicWall had publicly acknowledged in September 2025 that unauthorized access to its cloud backup service had occurred earlier in the year. While SonicWall initially reported that only a small percentage of customers were affected, it later revealed in October that the breach impacted the firewall configuration data of all clients utilizing the cloud backup service. SonicWall spokesperson Bret Fitzgerald responded to the claims by stating that the company has requested evidence from Marquis to support its assertions and will continue to engage with the fintech firm. Fitzgerald emphasized that there was no new evidence linking the September incident with ongoing global ransomware attacks. Marquis, headquartered in Texas, provides services to banks and credit unions, enabling them to analyze customer data. Last month, the company began notifying hundreds of thousands of individuals whose personal information—including financial data and Social Security numbers—was compromised during the ransomware attack. In October, SonicWall conceded that a prior breach had indeed affected all customers who utilized its cloud backup service for firewall files. Originally, the company had claimed that only a small fraction of configuration files were stolen. Marquis also investigated whether a patch it failed to implement at the time of the breach might have contributed to the attack but concluded that the patch was related to a vulnerability that could not have been exploited to gain access to its data. Currently, Marquis has not disclosed the number of individuals impacted by the breach, but this figure is expected to increase as further notifications are submitted to state authorities.