Banking tech data breach exposes 672K in ransomware attack

If you've ever trusted your slope to support your fiscal information safe, this incidental volition deed adjacent to home.

A behind-the-scenes tech institution utilized by banks has revealed that much than 672,000 radical had delicate idiosyncratic and fiscal accusation stolen successful a ransomware attack. That includes details that criminals tin usage to drain accounts, unfastened loans, oregon impersonate you.

What makes this much concerning is that the institution is not a household name, truthful you apt ne'er knew your information was adjacent there.

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. For simple, real-world ways to spot scams aboriginal and enactment protected, visit CyberGuy.com – trusted by millions who ticker CyberGuy connected TV daily. Plus, you'll get instant entree to my Ultimate Scam Survival Guide escaped erstwhile you join.

HOW TO SAFELY VIEW YOUR BANK AND RETIREMENT ACCOUNTS ONLINE
 

More than 672,000 radical had idiosyncratic and fiscal information exposed aft a ransomware onslaught deed Marquis, a little-known tech institution utilized by banks. (ArtMarie/Getty Images)

All astir the Marquis information breach

Marquis, a fintech institution based successful Texas, provides information analytics tools to hundreds of banks. Banks trust connected Marquis to survey lawsuit behaviour and amended services, which means Marquis has entree to highly delicate fiscal and idiosyncratic data.

In August 2025, hackers reportedly gained entree to Marquis' systems and carried retired a ransomware attack. The institution present says astatine slightest 672,075 radical were affected. More than fractional of them are successful Texas, but customers crossed aggregate regions are involved.

The stolen information reportedly includes names, dates of birth, location addresses, slope relationship details, debit and recognition paper numbers, and adjacent Social Security numbers. That operation is capable to perpetrate superior individuality fraud.

Marquis aboriginal filed a suit against its firewall provider, SonicWall, claiming that a information flaw whitethorn person allowed attackers to bargain captious configuration files. According to the lawsuit, those files gave hackers a roadmap into Marquis' network, which they utilized to bargain information and deploy ransomware.

What the suit alleges

The suit goes further, alleging that SonicWall failed to decently unafraid its unreality backup system, which exposed firewall configuration files, encrypted credentials and elaborate web architecture tied to lawsuit environments. Marquis claims this level of entree efficaciously gave attackers a blueprint of its defenses. Marquis besides alleges that SonicWall knew its unreality backup work had been compromised but did not promptly disclose the afloat scope of the breach. According to the complaint, the institution initially reassured customers that firewall protections were not affected, delaying Marquis' quality to instrumentality protective action. The ailment further alleges gross negligence, arguing that SonicWall failed to uphold basal cybersecurity responsibilities expected of a information provider.

What Marquis says happened

CyberGuy reached retired to Marquis for comment, and a spokesperson provided the pursuing statement:

"In August 2025, Marquis Marketing Services identified a information information incidental and instantly enacted our incidental effect protocols, including proactively taking affected systems offline to support our information and our customers' information. We engaged starring third-party cybersecurity experts to behaviour a broad probe and notified instrumentality enforcement.

In September 2025, aft the information information incidental affected our systems, our firewall work provider, an industry-leading cybersecurity company, publically disclosed that a menace histrion had earlier successful the twelvemonth gained unauthorized entree to its unreality backup service. Marquis had precocious begun utilizing this provider's firewalls to assistance support our network. While the supplier initially reported that less than 5% of customers were affected, it aboriginal clarified successful October 2025 that firewall configuration information and credentials associated with each customers utilizing the unreality backup service, including Marquis, had been accessed.

We cognize our customers spot large spot successful us, and we instrumentality that work seriously. Protecting accusation remains our highest priority, and we proceed to heighten our information measures successful effect to the evolving cyber menace landscape. We are grateful for the cooperation, knowing and enactment of our employees and customers passim this process."

We besides reached retired to SonicWall for comment, but did not perceive backmost earlier our deadline.

WHY SCAMMERS OPEN BANK ACCOUNTS IN YOUR NAME
 

A ransomware onslaught connected Texas-based fintech steadfast Marquis exposed delicate information that criminals could usage to bargain identities, unfastened loans and people slope customers. (FreshSplash/Getty Images)

How the onslaught unfolded and wherefore it matters to you

This onslaught did not people you directly. Instead, it deed a institution that sits successful the mediate of the banking system. That is what makes it dangerous. Think of it similar this: you fastener your house, but idiosyncratic breaks into the information institution that manages keys for your full neighborhood. Suddenly, they tin unlock aggregate homes without ever touching your door.

In this case, hackers reportedly gained entree to firewall configuration files. These are similar blueprints that amusement however a company's defenses are acceptable up. With that information, attackers tin find anemic spots and gaffe successful without mounting disconnected alarms.

Security experts pass that erstwhile firewall configuration files and credentials are exposed, attackers tin much easy representation retired a network, place vulnerabilities and bypass protections that would usually halt an intrusion.

Once inside, they copied delicate information and apt encrypted systems to request a ransom. Even if the institution restores operations, your information is already retired there.

Criminals tin usage your Social Security fig and fiscal details to unfastened recognition cards, instrumentality loans, oregon entree your slope accounts. They tin besides harvester your information with different leaks to make convincing scams that look legitimate. You mightiness person calls, emails, oregon messages that look to travel from your slope but are really attempts to bargain much information.

9 ways you tin support yourself from the Marquis information breach

If your accusation was exposed, oregon adjacent if you're not sure, taking enactment present tin trim your hazard of fraud, individuality theft, and unauthorized entree to your accounts.

1) Check if your email and passwords are compromised

To spot if your email was affected, visit Have I Been Pwned at haveibeenpwned.com. It is the archetypal and authoritative root for this recently added dataset. Enter your email code to find retired if your accusation appears successful the Synthient leak.  When done, travel backmost present for Step 2.

2) Change your passwords immediately

Start with your astir important accounts, specified arsenic email, aesculapian and banking. Use strong, unsocial passwords with letters, numbers, and symbols. Avoid predictable choices similar names oregon birthdays. Never reuse passwords. One stolen password tin unlock aggregate accounts.  A password manager makes this simple. It stores analyzable passwords securely and helps you make caller ones. Many managers besides scan for breaches to spot if your existent passwords person been exposed. See my reappraisal of the Best Password Managers of 2026 at Cyberguy.com.

3) Monitor your slope accounts closely

Check your transactions astatine slightest erstwhile each fewer days, not conscionable erstwhile your monthly connection arrives. Look for small, unfamiliar charges due to the fact that criminals often trial accounts with tiny transactions earlier attempting larger withdrawals. Catching this aboriginal gives you a amended accidental of stopping further damage.

4) Place a fraud alert oregon recognition freeze

If your Social Security fig whitethorn beryllium exposed, see placing a fraud alert oregon freezing your credit. This makes it harder for criminals to unfastened caller accounts successful your name. A frost is simply a stronger extortion due to the fact that lenders indispensable verify your individuality earlier issuing credit.

WHY A CREDIT FREEZE ISN’T THE END OF IDENTITY THEFT
 

The Marquis breach shows however delicate fiscal information tin beryllium exposed done third-party companies astir slope customers ne'er cognize exist. (sshepard/Getty Images)

5) Enable two-factor authentication (2FA)

Enable two-factor authentication (2FA) whenever possible, particularly for banking and email accounts. This adds a 2nd step, similar a codification sent to your phone, which makes it overmuch harder for idiosyncratic to entree your accounts adjacent if they person your password.

6) Check if your information is already circulating online

With breaches similar this, your accusation tin extremity up connected the acheronian web without you knowing. If you find your accusation is retired there, instrumentality it earnestly and see removing your information wherever imaginable oregon utilizing a information removal work to bounds further exposure. Check retired my apical picks for data removal services and get a free scan to find retired if your idiosyncratic accusation is already retired connected the web by visiting Cyberguy.com.

7) Watch retired for targeted scams

With your idiosyncratic details exposed successful the Marquis information breach, scammers tin trade messages that consciousness legitimate. Be cautious of calls oregon emails claiming to beryllium from your slope asking for verification oregon urgent action. Always interaction your slope straight utilizing authoritative numbers alternatively of responding to those messages. Also, debar clicking links you don't recognize. The champion mode to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person beardown antivirus bundle installed connected each your devices. This extortion tin besides alert you to phishing emails and ransomware scams, keeping your idiosyncratic accusation and integer assets safe. Get my picks for the best 2026 antivirus extortion winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

8) Consider individuality theft extortion services

These services show your idiosyncratic accusation crossed recognition reports, acheronian web marketplaces, and fiscal systems. They tin alert you rapidly if your individuality is being misused, giving you a accidental to enactment earlier superior harm occurs. See my tips and champion picks on Best Identity Theft Protection at Cyberguy.com.

9) Keep your devices updated and secure

Make definite your phone, computer, and apps are up to day with the latest information patches. Install trusted antivirus bundle to observe malicious activity. While this breach did not hap connected your device, attackers often travel up with malware-based scams. 

Kurt's cardinal takeaway

This breach highlights a increasing occupation you seldom see. Your information does not conscionable unrecorded with your bank. It is shared crossed a web of third-party companies that you person ne'er heard of, yet they clasp capable accusation to exposure your full fiscal identity. When 1 of them fails, the consequences autumn connected you. The ineligible conflict betwixt Marquis and SonicWall besides raises a bigger question astir accountability. When cybersecurity providers themselves are accused of exposing delicate infrastructure and delaying disclosure, it shows however rapidly spot tin interruption down crossed the full system.

Should companies that grip your fiscal information look automatic penalties erstwhile breaches exposure hundreds of thousands of people? Let america cognize by penning to america at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – escaped erstwhile you articulation my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com. All rights reserved.