Fintech company Marquis is placing responsibility for a major cybersecurity incident on its firewall provider, claiming that a breach at the vendor level paved the way for hackers to access sensitive customer data. According to communications recently sent to clients, Marquis believes a ransomware attack it suffered in August 2025 was made possible by an earlier security failure involving SonicWall, the firm that supplied its firewall technology.
In its message to customers, Marquis explained that attackers were allegedly able to exploit confidential firewall configuration details that had been exposed during a prior compromise of SonicWall’s cloud-based backup systems. These details, including credentials and configuration files, were reportedly enough to bypass Marquis’ defenses and carry out the ransomware attack.
An internal investigation commissioned by Marquis found that the company had stored a backup of its firewall configuration within SonicWall’s cloud environment. Marquis now believes that data was accessed during the earlier SonicWall incident and later used by cybercriminals to infiltrate its systems. As a result, the company says it is reviewing possible legal and financial options, including seeking reimbursement for costs incurred by both Marquis and its affected customers.
In a public statement, a spokesperson for Marquis reiterated that the breach appeared to be linked to the firewall provider’s previously disclosed security lapse. SonicWall had initially stated that only a small percentage of customers were affected, but later acknowledged that configuration data tied to all users of its cloud backup service may have been accessed.
SonicWall, however, disputes the connection. A company representative said SonicWall has requested evidence supporting Marquis’ claims and maintains that no definitive link has been established between its own incident and the ransomware attacks impacting customers’ networks worldwide.
The fallout from the attack has been significant. Marquis, which provides data visualization services to hundreds of banks and credit unions across the U.S., has begun notifying hundreds of thousands of individuals whose personal and financial information was compromised. The stolen data reportedly includes names, banking details, and Social Security numbers.
Marquis also addressed speculation that its own internal security updates may have been at fault. The company said it reviewed whether an uninstalled software patch could have enabled the breach, but investigators concluded that the vulnerability in question could not have been used to access customer data.
While Marquis has not yet disclosed the total number of people affected, that figure is expected to grow as additional disclosures are filed with state regulators. The incident underscores the growing risks tied to third-party cybersecurity dependencies—and how a single weak link can ripple across an entire financial ecosystem.
