Techcrunch
Fintech firm Marquis has stated it will seek compensation from its firewall provider, SonicWall, after a data breach in August 2025. Marquis alleges that a prior breach at SonicWall exposed critical security information, enabling hackers to launch a ransomware attack against them.
AI 生成摘要
金融科技公司 Marquis 表示,在 2025 年 8 月發生數據洩露事件後,該公司計劃向其防火牆供應商 SonicWall 尋求賠償。Marquis 指稱,SonicWall 先前發生的數據洩露事件暴露了關鍵安全資訊,使駭客得以對 Marquis 發動勒索軟體攻擊。
Latest
AI
Amazon
Apps
Biotech & Health
Climate
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
Fundraising
Gadgets
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
Social
Space
Startups
TikTok
Transportation
Venture
Staff
Events
Startup Battlefield
StrictlyVC
Newsletters
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
Fintech firm Marquis told customers that it plans to seek compensation from its firewall provider after blaming the company for a breach that allowed hackers to steal its customers’ personal and financial data.
In a memo shared with customers this week and seen by TechCrunch, Marquis said it believes that its August 2025 ransomware attack happened because the company’s firewall service provider SonicWall had its own data breach that exposed critical security information about its customers’ firewalls. That earlier breach of SonicWall allowed hackers to obtain credentials needed to launch a ransomware attack against Marquis, the memo said.
Marquis said its third-party investigation determined that the hackers obtained information about its firewall during the breach at SonicWall, which Marquis claims was used to circumvent its firewall. Marquis confirmed in the communication that it stored a backup of its firewall configuration file in SonicWall’s cloud.
The company was “evaluating its options” regarding its firewall provider, including the “recoupment of any expenses spent by Marquis and its customers in responding to the data incident,” according to the memo.
When reached for comment, Hanna Grimm, an agency spokesperson representing Marquis, did not address or dispute the company’s recent communication to customers, but reiterated the claim linking its breach with an earlier theft of its firewall configuration.
“In September 2025, after the data security incident affected our systems, our firewall service provider, an industry-leading cybersecurity company, publicly disclosed that a threat actor had earlier in the year gained unauthorized access to its cloud backup service,” the statement said.
“Marquis had recently begun using this provider’s firewalls to help protect our network,” the statement added. “While the provider initially reported that fewer than 5% of customers were affected, it later clarified in October 2025 that firewall configuration data and credentials associated with all customers using the cloud backup service, including Marquis, had been accessed.”
When contacted by TechCrunch, SonicWall spokesperson Bret Fitzgerald said that the company has asked Marquis for evidence to substantiate its claims and said it would continue to engage with its customer.
“We have no new evidence to establish a connection between the SonicWall security incident reported in September 2025 and ongoing global ransomware attacks on firewalls and other edge devices,” Fitzgerald said.
The Texas-based Marquis, which allows hundreds of banks and credit unions to visualize their customers’ data, began notifying hundreds of thousands of people last month that their information was taken during its ransomware attack.
The company has access to large amounts of data belonging to consumer banking customers across the U.S., including personal information, financial data, and Social Security numbers, which the hackers stole.
SonicWall conceded in October that an earlier breach of its systems had in fact affected all of its customers who backed up their firewall files to SonicWall’s cloud. It had previously said hackers stole only a fraction of its customers’ firewall configuration files containing policies and settings.
In the communication seen by TechCrunch, Marquis said it called in a third-party to investigate whether a patch it had failed to roll out at the time of the breach could have been to blame, but concluded that the patch related to a flaw that was not exploitable in a way that could have allowed hackers to access the company’s data.
Marquis’ spokesperson declined to provide a number of how many individuals are affected by its data breach. The number of individuals known to be affected by the breach is expected to rise as new data breach notifications are submitted to state attorneys general.
Do you know more about the Marquis data breach? Do you work at Marquis or a company affected by the breach? We would love to hear from you. To securely contact this reporter, you can reach out using Signal via the username: zackwhittaker.1337
Topics
Security Editor
Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security.
He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at [email protected].
Tickets are live at the lowest rates of the year. Save up to $680 on your pass — and if you’re among the first 500 registrants, score a +1 pass at 50% off.Meet investors. Discover your next portfolio company. Hear from 250+ tech leaders, dive into 200+ sessions, and explore 300+ startups building what’s next. Don’t miss these one-time savings.
Tesla is killing off the Model S and Model X
The price gap between Waymo and Uber is narrowing
Anthropic launches interactive Claude apps, including Slack and other workplace tools
This founder cracked firefighting — now he’s creating an AI gold mine
TikTok users freak out over app’s ‘immigration status’ collection — here’s what it means
Researchers say Russian government hackers were behind attempted Poland power outage
Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects’ laptops: Reports
© 2025 TechCrunch Media LLC.