Marquis Bank data breach exposes 672,000 people in ransomware attack

A behind-the-scenes technology company used by banks has revealed that more than 672,000 people had sensitive personal and financial information stolen in a hack. Ransomware attack. This includes details that criminals can use to drain accounts, open loans, or impersonate you.

What makes this even more worrying is that the company is not a household name, so you likely never knew your data was there.

Sign up for my free CyberGuy report
Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. For simple, realistic ways to spot scams early and stay protected, visit CyberGuy.com – trusted by the millions who watch CyberGuy on TV every day. Plus, you’ll get instant access to the Ultimate Scam Survival Guide for free when you join.

How to safely view your bank and retirement accounts online

Personal and financial data of more than 672,000 people has been exposed after a ransomware attack hit Marquis, a little-known technology company used by banks. (Art Marie/Getty Images)

All about the Marquis data breach

Marquis, a Texas-based fintech company, provides data analysis tools to hundreds of banks. Banks rely on Marquis to study customer behavior and improve services, which means Marquis has access to highly sensitive financial and personal data.

In August 2025, The hackers reportedly gained access to Marquis systems and carried out a ransomware attack. The company now says at least 672,075 people have been affected. More than half are in Texas, but customers across multiple regions participate.

The stolen data reportedly included names, dates of birth, home addresses, bank account details, debit and credit card numbers and even Social Security numbers. This combination is enough to commit serious identity fraud.

Marquis later filed a lawsuit against its firewall provider, SonicWall, claiming that a vulnerability may have allowed attackers to steal important configuration files. According to the lawsuit, these files gave the hackers a roadmap to the Marquis network, which they used to steal data and spread ransomware.

What the lawsuit alleges

The lawsuit goes further, alleging that SonicWall failed to properly secure its cloud backup system, exposing firewall configuration files, encrypted credentials and detailed network architecture associated with customers’ environments. Marquez claims that this level of access effectively gave attackers a blueprint for their defenses. Marquis also claims that SonicWall knew that its cloud backup service had been hacked, but did not immediately disclose the full scope of the breach. According to the complaint, the company initially reassured customers that firewall protection was not affected, which delayed Marquis’ ability to take preventative action. The complaint also alleges gross negligence, arguing that SonicWall failed to uphold the basic cybersecurity responsibilities expected of a security provider.

What Marquez said happened

CyberGuy reached out to Marquis for comment, and a spokesperson provided the following statement:

“In August 2025, Marquis Marketing Services identified a data security incident and we immediately activated our incident response protocols, including proactively shutting down affected systems to protect our data and our customers’ information. We engaged leading third-party cybersecurity experts to conduct a thorough investigation and notified law enforcement.

In September 2025, after a data security incident impacted our systems, our firewall service provider, a leading cybersecurity company, publicly disclosed that a threat actor had earlier in the year gained unauthorized access to its cloud backup service. Marquis recently began using this provider’s firewalls to help protect our network. While the provider initially reported that less than 5% of customers were affected, it later clarified in October 2025 that firewall configuration data and credentials associated with all customers using the cloud backup service, including Marquis, had been accessed.

We know that our customers place great trust in us, and we take this responsibility very seriously. Protecting information remains our top priority, and we continue to enhance our security measures in response to the evolving cyber threat landscape. We are grateful for the cooperation, understanding and support of our employees and customers throughout this process.”

We also reached out to SonicWall for comment, but did not hear back before the specified deadline.

Why do scammers open bank accounts in your name?

A ransomware attack on Texas-based fintech company Marquis exposed sensitive data that criminals can use to steal identities, open loans and target bank customers. (Fresh Splash/Getty Images)

How to detect an attack and why it matters to you

This attack did not target you directly. Instead, it hit a company located in the middle of the market Banking system. This is what makes it dangerous. Think of it this way: You lock your house, but someone breaks into the security company that manages the keys to your entire neighborhood. Suddenly, they can open multiple homes without even touching your front door.

In this case, the hackers reportedly gained access to firewall configuration files. These are like diagrams that show how a company’s defenses are set up. With this information, attackers can find vulnerabilities and infiltrate them without raising alarms.

Security experts warn that when firewall configuration files and credentials are exposed, attackers can easily map the network, identify vulnerabilities, and bypass protections that would normally stop the intrusion.

Once inside, they copied sensitive data and encrypted systems likely to demand a ransom. Even if the company restores operations, your data is already there.

Criminals can use your Social Security number and financial details to open credit cards, obtain loans, or access your bank accounts. They can also combine your data with other leaks to create convincing scams that appear legitimate. You may receive calls, emails, or messages that appear to come from your bank but are actually attempts to steal more information.

9 ways you can protect yourself from Marquis data breach

If your information has been exposed, or even if you’re not sure, taking action now can reduce the risk of fraud. identity theft, and unauthorized access to your accounts.

1) Check if your email and passwords are at risk

To see if your email has been affected, visit Have you been Pwned in hasibeenpwned.com. This is the first and official source for the newly added dataset. Enter your email address to see if your information appears in the Synthient leak. When you’re done, come back here for Step 2.

2) Change your passwords immediately

Start with your most important accounts, such as email, medical, and banking. Use strong, unique passwords made up of letters, numbers, and symbols. Avoid predictable choices like names or birthdays. Never reuse passwords. One stolen password can unlock multiple accounts. A password manager makes this simple. It securely stores complex passwords and helps you create new ones. Many managers also scan for breaches to see if your existing passwords have been exposed. See my review of Best password managers of 2026 in Cyberguy.com.

3) Monitor your bank accounts closely

Check your transactions at least once every few days, not just when your monthly statement arrives. Look for small, uncommon fees because criminals often test accounts with small transactions before attempting larger withdrawals. Catching this early gives you a better chance of stopping further damage.

4) Place a fraud alert or credit freeze

If your Social Security number is likely to be compromised, consider setting a fraud alert or freezing your credit. This makes it difficult for criminals to open new accounts in your name. A freeze is a stronger protection because lenders must verify your identity before issuing credit.

Why isn’t a credit freeze the end of identity theft?

The Marquis breach shows how sensitive financial data can be exposed by third-party companies that most bank customers never know exist. (Shepard/Getty Images)

5) Enable two-factor authentication (2FA)

Enable two-factor authentication (2FA) whenever possible, especially for bank accounts and email accounts. This adds a second step, like a code sent to your phone, making it difficult for anyone to access your accounts even if they have your password.

6) Check if your data is already circulating online

With such breaches, your information could end up on the dark web without your knowledge. If you find that your information is there, take it seriously and consider removing your data where possible or using a data removal service to limit further exposure. Check out my top picks for Data removal services And get Free scan To find out if your personal information is already on the web by visiting Cyberguy.com.

7) Watch out for targeted scams

With your personal details exposed in the Marquis data breach, scammers can craft messages that appear legitimate. Be wary of calls or emails claiming to be from your bank and asking you to verify or take urgent action. Always contact your bank directly using the official numbers instead of replying to those messages. Also avoid clicking on links you don’t know. The best way to protect yourself from malicious links that install malware, and potentially access your private information, is to install strong antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware, keeping your personal information and digital assets safe. Get my picks for Winner of the Best Antivirus Protection 2026 awardFor Windows, Mac, Android and iOS devices on Cyberguy.com.

8) Consider identity theft protection services

These services monitor your personal information via credit reports, dark web marketplaces, and financial systems. They can quickly alert you if your identity is being misused, giving you the opportunity to act before serious harm occurs. Check out my tips and top picks Best protection from identity theft in Cyberguy.com.

9) Keep your devices updated and secure

Make sure your phone, computer, and apps are updated with the latest security patches. Install reliable antivirus software to detect malicious activity. Even though this breach did not occur on your device, attackers often pursue malware-based scams.

Key takeaway for Kurt

This hack highlights a growing problem you rarely see. Your data doesn’t just live with your bank. It’s shared across a network of third-party companies you’ve never heard of, yet it contains enough information to fully reveal your financial identity. When someone fails, the consequences fall on you. The legal battle between Marquis and SonicWall also raises a larger question about accountability. When cybersecurity providers themselves are accused of exposing sensitive infrastructure and delaying disclosure, it shows how quickly trust can break down across an entire system.

Should companies handling your financial data face automatic penalties when breaches expose hundreds of thousands of people? Let us know by writing to us at Cyberguy.com.

Click here to download the FOX NEWS app

Sign up for my free CyberGuy report
Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – for free when you join my site CYBERGUY.COM Newsletter.

Copyright 2026 CyberGuy.com. All rights reserved.