What is the Marquis data breach?

The Marquis data breach is a ransomware attack where hackers accessed sensitive customer data from the U.S. fintech firm Marquis, impacting over 400,000 individuals.

How did hackers access Marquis systems?

Hackers exploited a known but unpatched vulnerability in a SonicWall firewall to gain entry into Marquis's network and steal data.

What kind of data was stolen in the Marquis breach?

Stolen data includes names, dates of birth, Social Security numbers, postal addresses, and bank account, debit, and credit card numbers.

Home / Technology / Fintech Data Breach Exposes Millions

Fintech Data Breach Exposes Millions

21 Dec, 2025

•

Summary

400,000+ individuals affected by fintech breach.
Hackers exploited unpatched firewall vulnerability.
Sensitive data includes SSNs, bank details.

A major data breach originating from U.S. fintech firm Marquis has exposed the sensitive information of at least 400,000 individuals across multiple states, with Texas reporting over 354,000 affected residents. Hackers gained unauthorized access to Marquis's systems by exploiting a known but unpatched vulnerability in a SonicWall firewall, leading to a ransomware attack confirmed by the company.

The breach, which began on August 14, resulted in the compromise of extensive personal and financial data. This includes customer names, dates of birth, postal addresses, Social Security numbers, and bank account, debit, and credit card numbers. Marquis, a provider for over 700 banks and credit unions, has engaged cybersecurity experts and law enforcement following the incident.

While Marquis stated there is no current evidence of data misuse for identity theft or fraud, experts warn that exposed core identity data can circulate for years. The incident underscores the pervasive risk of account takeover, new account fraud, and synthetic identity fraud, emphasizing the need for continuous vigilance and robust identity protection measures for consumers.