Texas Fintech Company Hit by Cyberattack That Stole Sensitive Financial Information

A ransomware attack on Marquis Marketing Services, a Texas-based fintech company that provides data analytics to banks, has exposed sensitive personal and financial information of more than 672,000 customers. The breach could have affected Michigan residents whose data was stored in the company's systems.

According to Marquis, the stolen information includes names, dates of birth, home addresses, bank account details, debit and credit card numbers, and Social Security numbers. Criminals could use this combination to commit identity fraud, drain accounts, open loans in victims' names, or impersonate affected individuals.

How the Breach Happened

The attack originated in August 2025 when hackers gained unauthorized access to Marquis' systems through a breach of SonicWall's cloud backup service. Marquis, which had recently begun using SonicWall's firewall technology to protect its network, discovered that threat actors had exploited a vulnerability in SonicWall's cloud backup system.

A Marquis spokesperson stated: "In August 2025, Marquis Marketing Services identified a data security incident and immediately enacted our incident response protocols, including proactively taking affected systems offline to protect our data and our customers' information. We engaged leading third-party cybersecurity experts to conduct a comprehensive investigation and notified law enforcement."

Lawsuit Against SonicWall

Marquis has filed a lawsuit against SonicWall, alleging that the security company's failure to properly secure its cloud backup system allowed attackers to steal critical configuration files. According to the complaint, these files gave hackers a roadmap into Marquis' network, enabling them to steal data and deploy ransomware.

The lawsuit goes further, claiming that SonicWall failed to properly secure its cloud backup system, which exposed firewall configuration files, encrypted credentials, and detailed network architecture tied to customer environments. Marquis alleges that SonicWall knew its cloud backup service had been compromised but did not promptly disclose the full scope of the breach.

According to the complaint, SonicWall initially reported that fewer than 5% of customers were affected. However, the security company later clarified in October 2025 that firewall configuration data and credentials associated with all customers using the cloud backup service, including Marquis, had been accessed.

What This Means for Michigan Residents

While Marquis reported that more than half of the affected customers are in Texas, the company confirmed that customers across multiple regions were involved in the breach. This means Michigan residents whose banks use Marquis' data analytics services may have had their information exposed in the attack.

The company has notified all affected customers and is working to provide guidance on protecting their financial information. Residents who want to check if their email address was affected can visit Have I Been Pwned at haveibeenpwned.com to see if their information appears in the Synthient leak dataset.

Security Experts Warn of Ongoing Risks

Security experts warn that when firewall configuration files and credentials are exposed, attackers can more easily map out a network, identify vulnerabilities and bypass protections that would normally stop an intrusion.

Even if Marquis restores operations, the stolen data is already out there in the hands of criminals. Criminals can use the exposed Social Security numbers and financial details to open credit cards, take loans, or access bank accounts. They can also combine the stolen data with other leaks to create convincing scams that appear legitimate.

Affected individuals may receive calls, emails, or messages that seem to come from their bank but are actually attempts to steal more information.

What Residents Should Do Now

Experts recommend taking immediate action to protect yourself from fraud and identity theft:

• Use strong, unique passwords with letters, numbers, and symbols for all accounts
• Avoid predictable password choices like names or birthdays
• Never reuse passwords across multiple accounts
• Consider using a password manager to securely store credentials
• Monitor bank statements and credit reports for unusual activity
• Be wary of suspicious emails or calls asking for personal information

A Marquis spokesperson added: "We know our customers place great trust in us, and we take that responsibility seriously. Protecting information remains our highest priority, and we continue to enhance our security measures in response to the evolving cyber threat landscape. We are grateful for the cooperation, understanding and support of our employees and customers throughout this process."