Banking tech data breach exposes 672K in ransomware attack

If you've ever trusted your slope to keep your financial information safe, this incident will deed adjacent to home.

A behind-the-scenes tech institution utilized by banks has revealed that much than 672,000 group had delicate individual and financial accusation stolen successful a ransomware attack. That includes specifications that criminals tin usage to drain accounts, unfastened loans, aliases impersonate you.

What makes this much concerning is that nan institution is not a family name, truthful you apt ne'er knew your information was moreover there.

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. For simple, real-world ways to spot scams early and enactment protected, visit CyberGuy.com – trusted by millions who watch CyberGuy connected TV daily. Plus, you'll get instant entree to my Ultimate Scam Survival Guide free erstwhile you join.

HOW TO SAFELY VIEW YOUR BANK AND RETIREMENT ACCOUNTS ONLINE
 

More than 672,000 group had individual and financial information exposed aft a ransomware onslaught deed Marquis, a little-known tech institution utilized by banks. (ArtMarie/Getty Images)

All astir nan Marquis information breach

Marquis, a fintech institution based successful Texas, provides information analytics devices to hundreds of banks. Banks trust connected Marquis to study customer behaviour and amended services, which intends Marquis has entree to highly delicate financial and individual data.

In August 2025, hackers reportedly gained access to Marquis' systems and carried retired a ransomware attack. The institution now says astatine slightest 672,075 group were affected. More than half of them are successful Texas, but customers crossed aggregate regions are involved.

The stolen information reportedly includes names, dates of birth, location addresses, slope relationship details, debit and in installments paper numbers, and moreover Social Security numbers. That operation is capable to perpetrate superior personality fraud.

Marquis later revenge a suit against its firewall provider, SonicWall, claiming that a information flaw whitethorn person allowed attackers to bargain captious configuration files. According to nan lawsuit, those files gave hackers a roadmap into Marquis' network, which they utilized to bargain information and deploy ransomware.

What nan suit alleges

The suit goes further, alleging that SonicWall grounded to decently unafraid its unreality backup system, which exposed firewall configuration files, encrypted credentials and elaborate web architecture tied to customer environments. Marquis claims this level of entree efficaciously gave attackers a blueprint of its defenses. Marquis besides alleges that SonicWall knew its unreality backup work had been compromised but did not promptly disclose nan afloat scope of nan breach. According to nan complaint, nan institution initially reassured customers that firewall protections were not affected, delaying Marquis' expertise to return protective action. The title further alleges gross negligence, arguing that SonicWall grounded to uphold basal cybersecurity responsibilities expected of a information provider.

What Marquis says happened

CyberGuy reached retired to Marquis for comment, and a spokesperson provided nan pursuing statement:

"In August 2025, Marquis Marketing Services identified a information information incident and instantly enacted our incident consequence protocols, including proactively taking affected systems offline to protect our information and our customers' information. We engaged starring third-party cybersecurity experts to behaviour a broad investigation and notified rule enforcement.

In September 2025, aft nan information information incident affected our systems, our firewall work provider, an industry-leading cybersecurity company, publically disclosed that a threat character had earlier successful nan twelvemonth gained unauthorized entree to its unreality backup service. Marquis had precocious begun utilizing this provider's firewalls to thief protect our network. While nan supplier initially reported that less than 5% of customers were affected, it later clarified successful October 2025 that firewall configuration information and credentials associated pinch each customers utilizing nan unreality backup service, including Marquis, had been accessed.

We cognize our customers spot awesome spot successful us, and we return that work seriously. Protecting accusation remains our highest priority, and we proceed to heighten our information measures successful consequence to nan evolving cyber threat landscape. We are grateful for nan cooperation, knowing and support of our labor and customers passim this process."

We besides reached retired to SonicWall for comment, but did not perceive backmost earlier our deadline.

WHY SCAMMERS OPEN BANK ACCOUNTS IN YOUR NAME
 

A ransomware onslaught connected Texas-based fintech patient Marquis exposed delicate information that criminals could usage to bargain identities, unfastened loans and target slope customers. (FreshSplash/Getty Images)

How nan onslaught unfolded and why it matters to you

This onslaught did not target you directly. Instead, it deed a institution that sits successful nan mediate of nan banking system. That is what makes it dangerous. Think of it for illustration this: you fastener your house, but personification breaks into nan information institution that manages keys for your full neighborhood. Suddenly, they tin unlock aggregate homes without ever rubbing your door.

In this case, hackers reportedly gained entree to firewall configuration files. These are for illustration blueprints that show really a company's defenses are group up. With that information, attackers tin find anemic spots and gaffe successful without mounting disconnected alarms.

Security experts pass that erstwhile firewall configuration files and credentials are exposed, attackers tin much easy representation retired a network, place vulnerabilities and bypass protections that would usually extremity an intrusion.

Once inside, they copied delicate information and apt encrypted systems to request a ransom. Even if nan institution restores operations, your information is already retired there.

Criminals tin usage your Social Security number and financial specifications to unfastened in installments cards, return loans, aliases entree your slope accounts. They tin besides harvester your information pinch different leaks to create convincing scams that look legitimate. You mightiness person calls, emails, aliases messages that look to travel from your slope but are really attempts to bargain much information.

9 ways you tin protect yourself from nan Marquis information breach

If your accusation was exposed, aliases moreover if you're not sure, taking action now tin trim your consequence of fraud, identity theft, and unauthorized entree to your accounts.

1) Check if your email and passwords are compromised

To spot if your email was affected, visit Have I Been Pwned at haveibeenpwned.com. It is nan first and charismatic root for this recently added dataset. Enter your email reside to find retired if your accusation appears successful nan Synthient leak.  When done, travel backmost present for Step 2.

2) Change your passwords immediately

Start pinch your astir important accounts, specified arsenic email, aesculapian and banking. Use strong, unsocial passwords pinch letters, numbers, and symbols. Avoid predictable choices for illustration names aliases birthdays. Never reuse passwords. One stolen password tin unlock aggregate accounts.  A password head makes this simple. It stores analyzable passwords securely and helps you create caller ones. Many managers besides scan for breaches to spot if your existent passwords person been exposed. See my reappraisal of the Best Password Managers of 2026 at Cyberguy.com.

3) Monitor your slope accounts closely

Check your transactions astatine slightest erstwhile each fewer days, not conscionable erstwhile your monthly connection arrives. Look for small, unfamiliar charges because criminals often trial accounts pinch mini transactions earlier attempting larger withdrawals. Catching this early gives you a amended chance of stopping further damage.

4) Place a fraud alert aliases in installments freeze

If your Social Security number whitethorn beryllium exposed, see placing a fraud alert aliases freezing your credit. This makes it harder for criminals to unfastened caller accounts successful your name. A frost is simply a stronger protection because lenders must verify your personality earlier issuing credit.

WHY A CREDIT FREEZE ISN’T THE END OF IDENTITY THEFT
 

The Marquis breach shows really delicate financial information tin beryllium exposed done third-party companies astir slope customers ne'er cognize exist. (sshepard/Getty Images)

5) Enable two-factor authentication (2FA)

Enable two-factor authentication (2FA) whenever possible, particularly for banking and email accounts. This adds a 2nd step, for illustration a codification sent to your phone, which makes it overmuch harder for personification to entree your accounts moreover if they person your password.

6) Check if your information is already circulating online

With breaches for illustration this, your accusation tin extremity up connected nan acheronian web without you knowing. If you find your accusation is retired there, return it earnestly and see removing your information wherever imaginable aliases utilizing a information removal work to limit further exposure. Check retired my apical picks for data removal services and get a free scan to find retired if your individual accusation is already retired connected nan web by visiting Cyberguy.com.

7) Watch retired for targeted scams

With your individual specifications exposed successful nan Marquis information breach, scammers tin trade messages that consciousness legitimate. Be cautious of calls aliases emails claiming to beryllium from your slope asking for verification aliases urgent action. Always interaction your slope straight utilizing charismatic numbers alternatively of responding to those messages. Also, debar clicking links you don't recognize. The champion measurement to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person beardown antivirus package installed connected each your devices. This protection tin besides alert you to phishing emails and ransomware scams, keeping your individual accusation and integer assets safe. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

8) Consider personality theft protection services

These services show your individual accusation crossed in installments reports, acheronian web marketplaces, and financial systems. They tin alert you quickly if your personality is being misused, giving you a chance to enactment earlier superior harm occurs. See my tips and champion picks on Best Identity Theft Protection at Cyberguy.com.

9) Keep your devices updated and secure

Make judge your phone, computer, and apps are up to day pinch nan latest information patches. Install trusted antivirus package to observe malicious activity. While this breach did not hap connected your device, attackers often travel up pinch malware-based scams. 

Kurt's cardinal takeaway

This breach highlights a increasing problem you seldom see. Your information does not conscionable unrecorded pinch your bank. It is shared crossed a web of third-party companies that you person ne'er heard of, yet they clasp capable accusation to expose your full financial identity. When 1 of them fails, nan consequences autumn connected you. The ineligible conflict betwixt Marquis and SonicWall besides raises a bigger mobility astir accountability. When cybersecurity providers themselves are accused of exposing delicate infrastructure and delaying disclosure, it shows really quickly spot tin break down crossed nan full system.

Should companies that grip your financial information look automatic penalties erstwhile breaches expose hundreds of thousands of people? Let america cognize by penning to america at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – free erstwhile you subordinate my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com. All authorities reserved.